We fixed some bugs in the Elastic JVM configurations that were duplicating log files in the default directory. The JVM configurations are now up to date and the organization of configuration files has been improved.
El Proxy
We fixed a bug in El Proxy related to the retry strategy for sending signed logs to Elasticsearch. Previously, after a document had been rejected by the Elasticsearch ingest pipeline, all non-signed logs were deleted during the retry phase, including the mandatory "timestamp" field. Our solution now ensures that all mandatory fields remain intact during the retry strategy. Additionally, we enhanced the logging of El Proxy errors in the DLQ logs for easier debugging.
Logstash Elastic Agent input port
We fixed a bug where the port used by Logstash to listen for events coming from Elastic Agent was not opened on the firewall of some of the Operative Nodes.
NetEye Setup
During new cluster installations, the /etc/neteye-cluster configuration file was missing a field indicating the creation timestamp of the cluster. We fixed this bug by reintroducing the missing field in new cluster installations.
Upgrade Manager
We fixed a bug in the upgrade procedure related to fencing. Whenever an update of pacemaker or corosync is present, the procedure now ensures fencing is disabled to prevent possible issues when nodes are put in standby.
Furthermore, we fixed an issue related to the check for missing updates, which may have given an error in case of a change of Red Hat release.
Updated packages
We updated the following packages:
elastic-agent, elastic-agent-neteye-config, elastic-stack-configurator, elasticsearch, elasticsearch-neteye-config, elasticsearch-xpack-license, filebeat, filebeat-neteye-config, kibana, kibana-neteye-config, logstash, logstash-neteye-config to version 8.11.3_neteye3.63.5-1
neteye-setup, neteye-setup-configurator to version 1.127.1-1
elastic-blockchain-proxy, elastic-blockchain-proxy-autosetup, elastic-blockchain-proxy-configurator to version 1.2.5-1