01. 02. 2024 Mattia Codato Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.34 Release Notes

Welcome to version 4.34 of our NetEye v4 Unified Monitoring Solution.

Spring is slowly approaching and the first plants awake from their winter slumber and peek through the snow. One of the earliest to bloom is the Crocus from the family of the Iridaceae. It’s native to Europe, North Africa, and Central Asia up to China. One of the most famous members of this group is the crocus sativa, widely known as saffron spice. But be careful, most croci are poisonous and easily confused for their harmless siblings.

General

Network Requirements

In order to clarify the distribution of the Network Ports Requirements between the Corporate and Private networks, the TCP and UDP Ports Requirements section was updated accordingly.

Monitoring

Icingaweb2 Module Director update to 1.11.0

The Icingaweb2 Module Director has been upgraded from version 1.10.2 to 1.11.0. From a large list of improvements and fixes, we would like to highlight that it is now possible to let Notification rules pick User and/or User Groups from Host and Service custom variables.

Various little Import and Sync issues have been addressed, and automated Service
Template import has been fixed. In addition to some minor Property modifier
improvements, they can now be applied in a conditional way.

The complete changelog is available in the official repository.

Reporting

In multitenancy environments users belonging to a tenant are to see only the reports associated with their tenant.
Hence, starting from NetEye 4.34 the list of reports in the reporting module is filtered based on the tenant a logged-in user belongs to. To learn more about the filtering principles and how to configure them, please take a look at the related user guide.

Tornado UX improvements

Improving the test panel User Experience means also allowing to copy and paste a whole event from a log/archive into the test event panel of Tornado. From the NetEye release 4.34, the test event panel can automatically extract the event type, and the creation time and fill the form, starting from the event pasted in the JSON editor.

In addition, to make it easier to consult the processing tree in complex installations, a new compact view has been introduced. This new view is active by default but can be changed to the previous view at the user’s preference

SIEM – Log Management

Sign Elastic Agent logs with El Proxy

The new NetEye version allows you to guarantee the integrity and inalterability of the logs collected via Elastic Agents, thanks to the El Proxy signing of these logs. This was previously possible only for logs collected via Beats agents.

Moreover, in order to sign only security-relevant logs, it is now also possible to configure which logs should be signed or not based on the typology of the log.

In particular, a new pipeline dedicated to Elastic Agents has been introduced in Logstash and takes care of parsing incoming Elastic Agent logs and deciding whether they should be signed or not, based on the configuration you chose in the Icinga Director.

To learn more on this new functionality please refer to the dedicated section in the NetEye User Guide.

Upgrade to Elastic 8.11

To take advantage of the latest features brought by Elastic, NetEye 4.34 upgrades the Elastic Stack components from version 8.10.2 to 8.11.3.

To see the most relevant news of the new version you can have a look at this blog post.

For the full set of improvements and bug fixes, please refer instead to the official release notes of Elasticsearch, Kibana, Logstash, and Beats.

Automatic update of Logstash plugins

Until now, if you installed any additional Logstash plugin, you needed to reinstall them manually after each update of Logstash, leading to additional work for the NetEye administrator and also to possible downtimes of Logstash between the update and the manual reinstallation of the plugins.

Starting from the upgrade to version 4.34, NetEye will instead automatically take care of updating any additional Logstash plugin installed by the user, so that downtimes and manual work will be avoided.

NetEye User Guide

Tornado Actions

In order to improve the usability of the Tornado UG and guide the users in the process of defining Actions for Tornado Rules, Tornado Executors section was refactored to focus on the Action types instead of the Executors standing behind them.