13. 03. 2020 Luca Franzoi Log Management, Log-SIEM, NetEye, Unified Monitoring

Bug discovered on NetEye module logmanagement and SIEM

A bug has been discovered on NetEye modules logmanagement and SIEM.
If affected, rsyslog directories on system might be created with wrong permissions causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message trying to check signatures for some hosts inside Logmanager Log Check.
All NetEye systems with neteye-logmanagement or netey-siem modules installed might be affected .

To check your system run following command:

find /neteye/shared/rsyslog/data/ -not -perm 770 -type d -exec ls -lad {} \; | grep "dr-------T."

If the provided command returns some results your system is affected.
Please apply the following workaround to fix it until an official bug-fix is provided:

  1. Run command: crontab –e
  2. Add following line:
    30 00 * * * /usr/bin/find /neteye/shared/rsyslog/data/ -not -perm 770 -a -not -perm 750 -type d -exec /usr/bin/chmod 770 {} \; > /dev/null
  3. Save the file

Previous steps must be executed on every NetEye node.

If you need further information, or experience some problem applying the fix, feel free to contact our support team using one of the following options:

Luca Franzoi

Luca Franzoi

Service & Support Engineer at Würth Phoenix

Author

Luca Franzoi

Latest posts by Luca Franzoi

14. 01. 2020 NetEye, Unified Monitoring
Using Nmap as an Import Source for NetEye 4
10. 12. 2019 Downloads / Release Notes, ITOA, NetEye, Unified Monitoring
Grafana User Management Deprecation in NetEye 4.10
03. 09. 2019 Downloads / Release Notes, NetEye
Security Fix for NetEye 3.17
27. 11. 2017 Uncategorized
EriZone – Security Advisory
27. 11. 2017 Downloads / Release Notes, Service Management
EriZone – Security Advisory
See All

Related Content

Tags: , , ,

01. 09. 2020 Icinga Web 2, NetEye

NetPye: how to use a RaspberryPi as NetEye Satellite

This article explains how to set up a NetEye4 satellite using a Raspberry Pi. This is not an official guide and this solution is not officially supported. As test-bed I used a Raspberry Pi 4B with 4GB of ram, 32GB Read More
20. 08. 2020 NetEye, Unified Monitoring

Understand Which Agents you Need to Upgrade

As you may already know, starting with version 4.12 NetEye 4 upgraded its Icinga 2 engine from version 2.10.5 to version 2.11.3. At every training session, I always emphasize this rule: Icinga 2 Master Instance version >= Icinga 2 Satellite Read More
19. 08. 2020 Icinga Web 2, NetEye

NetEye 4 Template Library (NTL) and Icinga Template Library

NetEye4 provides the Icinga Template Library and includes several plugins ready for use. The Icinga Template Library (ITL) implements standard templates and object definitions which allows for the very quick and effective use of plugins. These definitions are read-only and Read More
18. 08. 2020 Log-SIEM

Why NetEye SIEM?

As the number of cybercrime events, incidents of identity theft, theft of intellectual property, and cyberattacks continue to rise, there is an increasing need to provide adequate network security to defend against these types of threats to organizations. Defending against Read More
01. 07. 2020 NetEye

NetEye Agent: a New Daemon for Supervising the NetEye Installation

Beginning in NetEye 4.12 we introduced the neteye upgrade command, which enables NetEye users to automatically and safely perform a number of tasks needed to complete a NetEye upgrade, both in single instance environments as well as in cluster environments Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal
net.support@wuerth-phoenix.com

Subscribe to Feed

Article     Comments
Insert your E-Mail address:

Archive