Release Date: May 31, 2020
Welcome to version 4.12 of our NetEye v4 Unified Monitoring Solution.
Summer is coming and NetEye changes look accordingly: you’ll be greeted by a relaxing image of one of the most characteristic perspectives of South Tyrol, the lago di Carezza/Karersee with the Latemar reflecting in its crystal clear waters.
The complete changelog, which includes all fixed issues, can be generated on demand by following the instructions in the updated NetEye documentation.
To begin the upgrade, please follow the instructions in your current NetEye version at User Guide > Upgrading and Updating.
While analyzing an SLM Availability Report, from now on, the events which have directly impacted the availability are shown with precision in the monitoring “Event Overview” by clicking on the availability percentage.
From this release on, the new NetEye ntopng subscription is available. ntopng is a powerful tool to monitor network traffic usage in your network and supports now Cybersecurity scripts for alerting. Additionally, you will be able to receive flows (NetFlow, sFlow, JFlow, IPFIX), from network devices or other nProbe instances (e.g. nboxes) already present in your network to get all monitoring data centralized in NetEye for future correlations.
In this version, the Tornado GUI will allow you to change the Tornado configuration right from the Graphical User Interface. Users with the new “Edit” permission will be able to edit the Nodes of the Processing Tree, and Rules of RuleSets. To do this we introduced configuration “Drafts” which are created based on the current Tornado configuration, and are bound to the user that created them.
The Draft concept allows the Tornado Configuration to be edited without affecting the current “live” configuration of Tornado, until they are either discarded or deployed as new “live” configuration, which happens as “hot” deployment, without the need to restart Tornado.
It shall not end here, we will continue to improve the Tornado GUI with each NetEye release to bring you the best possible User Experience.
To achieve a smooth and successful NetEye release upgrade, the evaluation of the mandatory pre-requisites is fundamental.
With the new NetEye version 4.12, we provided the first building blocks of an automated upgrade procedure. To help the user during the NetEye upgrade, health checks, cluster statuses, and latest installed bug fixes are automatically controlled before configuring the yum repositories of the new release. Detailed information is provided in the specific upgrade documentation from 4.11 to 4.12 in the User Guide > Upgrading and Updating.
The SLM module now offers the ability to support multi-tenancy by restricting the SLM configuration view based on user role. To achieve this, we have implemented the role level restriction in SLM module, so a user can only access the SLM Customers/Contracts (both availability and resource) and configure a monitoring object in the availability contract, based on the role assigned to the user. The only exception is a user with the Administrative Access, who can access everything.
With the new NetEye version 4.12, it is possible to filter and re-order alphabetically all the roles visible in the Configuration > Authentication > Roles section of NetEye.
The check command name is now passed as a parameter in the Performance Graph link; with this new data, it becomes easier for a user to create and display a custom dashboard based on the command name.
From this release it will be easier to associate each displayed host with its properties.
Each row in the detailed information table now represents a host with all its properties shown next to it.
Tornado now supports the following new operators, which make Tornados Rules and Filters more powerful.
The NOT operator can be used to negate the result of another operator, allowing you to elegantly match events by stating a condition that must match and negating it.
ne operator allows to match an event where a field is not equal to a single value. This is a convenience function for the combination of the the
NOT and the
Instead, in scenarios where you expect any text content to be present in an event, but you can not know if the text will be in uppercase or lowercase, the new operators
containsIgnoreCase will permit you to match text regardless of the letter case.
The installation of the preview software has been restructured and simplified. In fact, both Lampo and Tornado can now be installed as groups of packages as it is normally done for the NetEye feature modules.
Additional information can be found under User Guide > Initial Configuration > Install Additional Modules.
We added a preview of the feature that allows the users to filter the monitored objects or to avoid to see the soft state in the Problems View. The filter rule can be set by a specific user role. The installation of this preview must be done accordingly to the consulting or to the support teams.
In this release we introduced the support for a secure, TLS-based, multi-tenancy.
It is thus possible to create self-contained, isolated communications from multiple clients to a single server, that will then process independently all data streams.
Each satellite can forward data to a centralized server thanks to a NATS leaf node, configured to add authentication, and a security layer to the data to prevent any third-party interception.
We upgraded Telegraf to version 1.14.1, which supports secured NATS connections.
Some configuration options are changed or deprecated:
http_listenerinput plugin has been renamed to
uptime_formatfield in the system input has been deprecated, use the
elasticsearch_indicesmeasurement into the new
prometheus_clientoutput have a new mapping to
metric_version = 2.
sqlserver_azurestatsmeasurement has been
dateprocessor now uses the UTC timezone when creating its tag.
With this release, NetEye users can now use the full feature set of Elastic Platinum Subscription. Now also Canvas, Beat central management, and other platinum features are fully available.
The migration to the new Elastic X-Pack Security permissions will completely remove any Search Guard configuration. Search Guard configurations, however, will be backed up to avoid any potential migration problem.
To upgrade a NetEye 4.11 SIEM and Log Manager installation to NetEye 4.12, a full Elasticsearch cluster restart is required and therefore downtime may occur. Please refer to the User Guide > Upgrading and Updating for further information and for the complete Upgrade procedure.
After the introduction of Elastic X-Pack Security, we updated the Single Sign-On feature of the icingaweb2-module-kibana in order to make it compatible with the new Elastic authentication and authorization methods. The users’ Kibana Roles are configurable in a centralized manner, by mapping them to one or more Roles in the NetEye User Management.
User Guide now includes Elastic Stack performance tuning tips to improve the performance and the responsiveness of your NetEye 4 SIEM.
Additional information can be found under User Guide > Log Manager and SIEM > Log Analytics (Elastic Stack) Performance Tuning.
We also added some tips in the User Guide > NetEye – Core libraries and customizations > Resource Tuning section which will help to manage the performance of the Icingaweb2 Graphical User Interface in high load environments to improve.
We updated the NetEye base OS packages from CentOS minor version 7.7.1908 to 7.8.2003, which are now available for all NetEye 4 Versions.
In the NetEye 4.12 release, Icinga2 has been upgraded to version 2.11.3. In this new version, Zones created within the Icinga Director are not supported anymore and need to be migrated to a file-based configuration. Please refer to the official Icinga documentation for directions on how to save your configuration into files.
Elastic Stack from 7.5.1 to 7.6.2, which brings many interesting features like:
Refer to the Elasticsearch Release Note for more information on the new improvements
Icingaweb2 Module vSphereDB from 1.0.3 to 1.1.0