Blog Entries

30. 09. 2021 Damiano Chini Development, NetEye

Tornado: Tracing

How can we allow a Tornado administrator to successfully track down the flow of an event through Filters, Rules and Actions of Tornado, if Tornado is processing thousands of events per second? Tornado administrators can have a hard time reading Tornado logs to understand why for example an action error comes from. Take this log…

Read More
24. 09. 2021 Alessandro Valentini Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug which prevents nats-server to automatically start after reboot on NetEye Satellites. For NetEye 4.19 we updated the following packages: nats-server and nats-server-autosetup to version2.5.0_neteye1.12.3-1

Read More
23. 09. 2021 Massimo Giaimo Exposure Assessment, SEC4U

Exposure Assessment: straight to the point!

In this second post on the Exposure Assessment topic we start from the end! We have just put into production, within our OSINT & Cyber Threat Intelligence SATAYO platform, an internal search engine that aims to simplify the research of evidences within the platform itself. This is a development that has been particularly requested by…

Read More
21. 09. 2021 Alessandro Valentini Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed multiple bugfixes related to telegraf and nats-server: A security issue related to the nats-user telegraf, now the user has been replaced with two different users telegraf_ro and telegraf_wo in order to improve security An issue that restricts telegraf consumers to write metrics from the master subject to INFLUX A new telegraf consumer which…

Read More
20. 09. 2021 Thomas Forrer ctf-writeups, SEC4U

RomHack CTF 2021: table of contents writeup

In Wuerth Phoenix, we recently introduced a security focused guild, and decided to attend our first security CTF (Capture The Flag) challenge: RomHack CTF 2021. After panicking initially (there were really difficult challenges!) we stayed calm, and managed to solve the table of contents challenge in the ‘pwn’ category, that made our team finish at…

Read More
19. 09. 2021 Rocco Pezzani ITOA, NetEye, Unified Monitoring

Understanding Instability in a Monitored Environment

Whenever a new monitoring project gets underway, a consultant discusses with the customer about almost any related topic: what needs to be monitored, how to monitor it, when to implement it, how to represent performance data, etc. Based on customer needs and desires, any sort of implementation strategy can be planned, but almost all of…

Read More
17. 09. 2021 Attilio Broglio NetEye, Unified Monitoring

Monitor Cisco APIC (Application Policy Infrastructure Controller) in NetEye4

Introduction The Cisco APIC is the main architectural component of Cisco ACI. It’s the unified point of automation and management for the Cisco ACI fabric, policy enforcement, and health monitoring, and it optimizes performance and agility. In this article we’ll integrate this solution into the NetEye platform using a simple and customizable approach Solution The…

Read More
14. 09. 2021 Dominik Gramegna Development, Icinga Web 2, NetEye, PHP

Personal Impressions on Creating Custom Icinga Web 2 Modules

In my second and last blog I want to talk about the procedure for writing Icinga Web 2 modules (icingaweb2-modules) for NetEye. This will be my last blog because as of today, I will sadly leave this company. In my short time here I’ve had the occasion to learn the art of making own Icinga…

Read More
14. 09. 2021 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug that caused the yum groups “neteye” and “neteye-tools” to not being marked as installed on some NetEye instances. For NetEye 4.19 we updated the following packages: neteye-setup to version 1.75.1-1

Read More
10. 09. 2021 Mattia Codato Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug that caused the ES_CLUSTER_INITIAL_MASTER variable to be overwritten when a new Elastic-only node was added to the cluster. For NetEye 4.19 we updated the following packages: apm-server, apm-server-autosetup, apm-server-neteye-config, elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, elasticsearch-xpack-license, filebeat, filebeat-autosetup, filebeat-neteye-config, kibana, kibana-autosetup, kibana-neteye-config, logstash, logstash-autosetup, logstash-neteye-config, logstash-neteye-config-autosetup to version 7.12.1_neteye3.30.3-1

Read More
09. 09. 2021 Bharat Bisht Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug in the Analytics Module that sometimes failed to render a custom dashboard correctly. We fixed also a bug in the ntopng SSO that didn’t allow the users with the “.” (dot) contained in the username to log in correctly. For NetEye 4.19 we updated the following packages: icingaweb2-module-analytics, icingaweb2-module-analytics-autosetup to version…

Read More
07. 09. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.19

We fixed two bugs in Logstash: an issue related to corrupted jvm.options configuration files, which prevents Logstash from starting properly a pipeline bug will cause Logstash to index every time in the same index which will grow up infinitely if a proper rollover template is not defined For NetEye 4.19 we updated the following packages:…

Read More
07. 09. 2021 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fix a userguide bug about the procedure to migrate the Nats Server to a supported configuration. For NetEye 4.19 we updated the following packages: nats-server and nats-server-autosetup to version 2.1.7_neteye1.12.1-1

Read More
03. 09. 2021 Valentina Da Rold Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We updated Icingaweb2 to the latest bugfix. For icingaweb2 module tornado we fixed a wrong validation of the rule WHERE clause, we fixed some errors that appeared with viewer users, and finally we fixed the event type label in the test event window. For NetEye 4.19 we updated the following packages: icingacli, icingaweb2, icingaweb2-autosetup, icingaweb2-common,…

Read More
02. 09. 2021 Massimo Giaimo Exposure Assessment, SEC4U

Exposure Assessment: Know the Attack Surface

This is the first in a series of articles that aims to technically describe the various objects collected within our Exposure Assessment activity, based on our OSINT & Cyber Threat Intelligence SATAYO platform. Its functionalities and the elements make it a fundamental tool for all organizations wishing to continuously monitor their exposure within public domain…

Read More

Archive