01. 02. 2021 Thomas Forrer Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.16 Release Notes

Welcome to version 4.16 of our NetEye v4 Unified Monitoring Solution.

A difficult and tough year for everyone has gone, leaving us with uncertainty, some thoughts, and lots of hope for the new year.
NetEye welcomes the new year and its new release with a snow-covered view of the Alpe di Siusi/Seiseralm, for a glimpse of serenity and peace in these grueling days.

General

Improvements

Voting Only Node

NetEye now supports, out of the box, an additional Voting Only Node, which acts as a tie-breaker in two-node (or any even number of nodes) cluster installations to avoid split-brain conditions that can lead to data or service inconsistencies. For more info about the NetEye 4 Voting Only node you can read this article.

Furthermore, NGINX Elasticsearch load-balancing configuration is now aware of the presence of a voting-only node in the NetEye cluster.

Upgrade

In this release, we extended the NetEye automated upgrade procedure to support voting-only NetEye cluster nodes, thus reducing the manual steps required to upgrade this kind of node.

The neteye upgrade command now also installs the RPMs of the new NetEye version on voting-only nodes, and the NetEye agent and the NetEye health checks have both been extended to support voting-only nodes.

Detailed information is provided in the specific upgrade documentation from 4.15 to 4.16 in the User Guide > Upgrading and Updating.

Module Updates

CentOS update to version 7.9.2009

We updated the NetEye base OS packages from CentOS minor version 7.8.2003 to 7.9.2009, which are now available for all NetEye 4 versions.

Further information can be found at the following link: https://wiki.centos.org/Manuals/ReleaseNotes/CentOS7.2009

Monitoring – Detection

Improvements

Command Orchestrator

Icinga2 packages that allow using all the functionalities of NetEye 4 (such as Command Orchestrator and Shutdown Manager) are now available not only in the form of RPMs but also for different operating systems, like Debian derivatives or Windows. These packages are available in the NetEye repositories.

More information on the installation of the packages can be found in the User Guide > Initial Configuration > Icinga2 packages.

Event Overview

We updated Icingaweb to version 2-2.8.2_neteye1.81.0-1. We have changed the default filter of the event overview to ‘timestamp>=-7 days&timestamp<=now’. With this change, the events list is filtered to the last 7 days by default.

ITOA – Telemetry

Improvements

Telegraf – Upgrade

We updated Telegraf from version 1.14.1 to 1.16.3. This update contains the most recent Telegraf Input, Output, Processor and Aggregator plugins, as well as the latest bug fixes and the new custom programmatic metric processing language Starlark (Full Changelog Here).

Visualization Improvements (Grafana)

ITOA based on Grafana is now shipped with a completely new theme based on Carbon Design System. The default ITOA theme for NetEye 4.16 will be the dark one. For an improved user experience, the ITOA module now opens in a new tab, leading the user directly to a “wide screen” mode.

SIEM – Log Management

Module update

Elastic Stack upgrade to version 7.10

We upgraded Elastic Stack from 7.9.1 to 7.10.1, which brings:

  • Elasticsearch performance improvements and space improvements up to 10% using a new stored field compression, and also functional and usability enhancements.
  • Event Query Language (EQL) is included in Elasticsearch as a beta feature.
  • Kibana Lens is now generally available.
  • New connectors integration with Jira.
  • Better integration between maps and dashboards.

Refer to the Elastic Stack Release notes for additional information:

Deprecation

The Snapshot and Restore functionalities provided by Elasticsearch and Kibana are the best options to manage SIEM backup. As a consequence, the Elasticsearch backup scripts (User Guide > System Configuration > Elasticsearch backup) provided in NetEye are deprecated and will be removed in the next release.

Thomas Forrer

Team Leader Research & Development at Würth Phoenix
Hi folks! I began loving computers in 1994; it was still the time of Windows 3.1. I immediately learned to start DOS games from the command prompt, and while typing some white text on a black background I felt like some hackish dude in a Hollywoodian movie. Later, during my studies at the university, I discovered the magic world of open source, and it was love at first sight. Finally I got rid of BSODs =) I love everything that is connected to some network, especially from a security perspective. My motto is: "With motivation, nothing is impossible. It only requires more time."
