13. 03. 2020 Luca Franzoi Bug Fixes, Log Management, Log-SIEM, NetEye, Unified Monitoring

Bug discovered on NetEye module logmanagement and SIEM

A bug has been discovered on NetEye modules logmanagement and SIEM.
If affected, rsyslog directories on system might be created with wrong permissions causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message trying to check signatures for some hosts inside Logmanager Log Check.
All NetEye systems with neteye-logmanagement or netey-siem modules installed might be affected .

To check your system run following command:

find /neteye/shared/rsyslog/data/ -not -perm 770 -type d -exec ls -lad {} \; | grep "dr-------T."

If the provided command returns some results your system is affected.
Please apply the following workaround to fix it until an official bug-fix is provided:

  1. Run command: crontab –e
  2. Add following line:
    30 00 * * * /usr/bin/find /neteye/shared/rsyslog/data/ -not -perm 770 -a -not -perm 750 -type d -exec /usr/bin/chmod 770 {} \; > /dev/null
  3. Save the file

Previous steps must be executed on every NetEye node.

If you need further information, or experience some problem applying the fix, feel free to contact our support team using one of the following options:

Luca Franzoi

Luca Franzoi

Service & Support Engineer at Würth Phoenix

Author

Luca Franzoi

Latest posts by Luca Franzoi

05. 05. 2025 Unified Monitoring
How to Reduce Icinga 2 Log Verbosity, and Regularly Clean Them from Event Viewer
05. 02. 2025 AI, Uncategorized
Will AI Take Over the World?
14. 12. 2021 Bug Fixes, NetEye
NetEye 3 Logstash and Elasticsearch – Security Advisory
14. 01. 2020 NetEye, Unified Monitoring
Using Nmap as an Import Source for NetEye 4
10. 12. 2019 Downloads / Release Notes, ITOA, NetEye, Unified Monitoring
Grafana User Management Deprecation in NetEye 4.10
See All

Related Content

Tags: , , , , , ,

08. 10. 2025 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Elastic Stack)

Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch and kibana packages is now available for NetEye 4. Security Fix for NetEye 4.44 9.0.8_neteye3.85.1-1 CVEs CVE-2025-25009: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N Read More
30. 09. 2025 NetEye, Unified Monitoring

Business Process Automation on NetEye

In NetEye, 'business processes' is a module used to model and monitor the business process hierarchy to obtain a high-level view of the status of critical applications. In short, they allow monitoring controls of individual components to be aggregated into Read More
30. 09. 2025 APM, Development, NetEye, Unified Monitoring

Segregating APM Data in Elastic: A Practical Guide to a Not-So-Obvious Challenge

If you've worked with Elastic APM, you're probably familiar with the APM Server: a component that collects telemetry data from APM Agents deployed across your infrastructure. But what happens when you need to segregate that data by tenant, especially in Read More
23. 09. 2025 Bug Fixes, NetEye

Bug Fixes for NetEye 4.43

Satellite config creation in HA mode using zone names with whitespaces We've addressed an issue where running the neteye satellite config create for a satellite configured in HA mode having whitespaces in the Zone name prevented the procedure to successfully Read More
19. 09. 2025 NetEye

Native Monitoring of the Logstash Dead Letter Queue

When working with Logstash in production, one of the often-overlooked areas is the Dead Letter Queue (DLQ). This queue stores events that Logstash cannot process, usually due to parsing errors, mapping conflicts, or pipeline misconfigurations. While the DLQ is useful Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive