As you’ve probably read in a previous blog by my colleague Jürgen Vigna, we use GlusterFS for particular requirements in our NetEye 4 cluster environments. After we completed the migration from the operating system CentOS 7 to RedHat 8, a few small things have changed or been updated. For all those who are new to…
Read MoreAs you probably all know, a new NetEye version is released every two months. For this reason I’d like to emphasize that we recommend regular updating of your NetEye system. In particular with version 4.23 we released a major update of the operating system from CentOS 7 to RedHat 8. Since we’re doing a lot…
Read MoreIn NetEye 4.23 we shifted our base containers from CentOS to RedHat Enterprise Linux. Within our NetEye image and container we ship packages that come from RedHat Enterprise Linux’s private repositories and are thus subject to subscription, hence we need a way to be able to use our subscription when building NetEye containers. RedHat allows…
Read MoreSometimes you just need to temporarily grant access to a user to copy some files to your server. But no user should have access to the shell. For sftp this is quite simple (see below), but for scp it’s not that trivial. Also, you probably want to set the user up in a directory with…
Read MoreFor our use case, we need to be able to deploy Azure machines using Ansible from developer’s laptops and from our own CI/CD infrastructure both on Jenkins and OpenShift. The easiest way to ship a working and easy-to-use environment for our use case is to create a Docker instance: we based our Docker on rockylinux…
Read MoreSynopsis Important: grafana-panel-renderer security update Type/Severity Security Advisory: Important Topic An update for the package grafana-panel-renderer is now available for NetEye 4. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….
Read MoreWhen upgrading NetEye 4 from version 4.22 to version 4.23, the main focus is the upgrade/change of the operating system from CentOS 7 to the new RHEL 8 operating system. Normally you can proceed as explained in the Upgrade section of the user guide since NetEye 4 uses the “normal” BIOS boot sector with grub….
Read MoreIn my previous blog post, we modified the boot parameters to enable cgroups v2 and the user namespace in CRI-O. In this second part I’ll show you how to run a sample container with systemd and check that the modifications we made actually worked. Setting up a Test Docker To test the new config, let’s…
Read MoreFor our ongoing transition from Jenkins to OpenShift, we’re currently working on porting our testing infrastructure to OpenShift. Our tests involve installing and running our product, NetEye, in a container. The installation requires a working systemd environment inside the container, and systemd needs to run with PID 1 and as root user (UID 0). Until…
Read MoreSynopsis Important: Multiple Security updates for NetEye 4 Type/Severity Security Advisory: Critical Topic Wuerth Phoenix has released some Critical Patches (CPs) for NetEye 4. These CPs resolve multiple vulnerabilities related to SQL injections, Cross Site Scripting and an unauthenticated remote command execution (RCE) exploit. Description GLPI was affected by: [Critical] RCE using a third-party library script…
Read MoreIn our migration journey from multiple VMs to OpenShift, one mandatory step is the integration with our company’s Active Directory. This is the default IdP for our services like Jenkins, NetEye, etc., and we want to centralize authentication and permissions as much as possible. Integration with OpenShift is less straightforward than it is with other…
Read MoreIn August I had the opportunity to assist an experienced consultant who was upgrading a NetEye cluster. Now, I’m a software developer, and while I know the consultants here who work with clients, I’ve always worked at the Würth Phoenix offices. I’ve never actually gone out in the field. So my goal was to try…
Read MoreSynopsis Important: Multiple Security updates for NetEye 4 Type/Severity Security Advisory: Important Topic Wuerth Phoenix has released some Critical Patches (CPs) for NetEye 4. These CPs resolve multiple vulnerabilities related to Privilege Escalation and authenticated remote command execution (RCE) exploits. Description GLPI was affected by an SSRF vulnerability in the External Calendars feature of the GLPI…
Read MoreWe fixed a bug that during the upgrade to NetEye 4.24 caused the RedHat version to update incorrectly. For NetEye 4.23 we updated the following packages: neteye-upgrade-manager to version 0.31.1-1
Read MoreWelcome to version 4.25 of our NetEye v4 Unified Monitoring Solution. In this release, NetEye goes to the alpine pastures to meet one of the more than 130,000 cows in South Tyrol. Ample space, pure air and environment are just some of the advantages that the South Tyrolean land offers to grazing animals. During the…
Read More