Blog Entries

22. 10. 2021 Franco Federico NetEye, Unified Monitoring

Monitoring Dynamic Folders with Icinga DSL

We were recently asked how to dynamically monitor folders with Icinga. Several of our clients monitor folders whose names change from day to day. For example, suppose every day I want to see if there is a file named with the date of that particular day, or I’d like to see if there is a…

12. 08. 2021 Franco Federico Log Management, NetEye

GDPR and AS400: Collecting Administrator Logs

We have several customers using IBM AS400 whom we’ve helped in the past collect logs of system administrators under NetEye 3. Now with NetEye 4 we’ve improved log collection, making it compliant with the ECS standard and configuring a special internal port (5514) for NetEye to process these logs and syslog logs in general. Let’s…

08. 07. 2021 Franco Federico Unified Monitoring

How to Monitor a Complex Veeam-based Backup System

Veeam is a widely used and well-known backup system. A customer recently asked me if he could check on the operation of his Veeam-based backup system by verifying the Windows event log, since the standard checks used within the community did not provide him with the current status of his Veeam infrastructure. This use case…

07. 05. 2021 Franco Federico Log Management, Log-SIEM, NetEye

Collecting Network and DNS Logs on Your Infrastructure

Several customers have asked us how they can collect DNS logs. In our solution, we proposed a Packetbeat Agent that allows you to collect data and send them to our centralized NetEye SIEM directly, or via a NetEye satellite. The Domain Name System (DNS) provides a hierarchy of names for computers and services on the…

26. 02. 2021 Franco Federico Log-SIEM, NetEye

What’s Happening Right Now in My Active Directory?

We recently integrated two dashboards into NetEye SIEM to check what is happening within Active Directory, a component that is present in the vast majority of our customer environments. These two dashboards start from the collection of security events that are gathered across the various Windows servers that make up the infrastructure, and are then…

15. 12. 2020 Franco Federico NetEye, Visual Synthetic Monitoring

Integrating Alyvix 3 into NetEye 4

On one hand we have Alyvix 3, our visual monitoring tool for continuously tracking the user experience. We’ve also just released Alyvix 3 Server, which lets us easily schedule and administer our test cases. And we also have our NetEye monitoring system. In this blog, I’d like to show you how we can integrate all…

09. 11. 2020 Franco Federico Log-SIEM, NetEye

CVE – Common Vulnerabilities and Exposures in NetEye

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the MITRE Corporation, maintains the system with funding from the National Cyber Security Division of the United States Department of Homeland Security. The system was officially launched for the public…

18. 08. 2020 Franco Federico Log-SIEM

Why NetEye SIEM?

As the number of cybercrime events, incidents of identity theft, theft of intellectual property, and cyberattacks continues to rise, there is an increasing need to provide adequate network security to defend against these types of threats to organizations. Defending against these types of threats is very difficult for an organization, and the attacker will always…

16. 04. 2020 Franco Federico NetEye, Visual Synthetic Monitoring

Monitoring Users’ Online Experience when Ordering during the COVID-19 Emergency

After the government recently passed a law asking everyone to limit travel and gatherings, I decided to only shop online. I’m not alone in this – many other people decided to do this too, bringing the sites that provide these services to their knees, since a large number of users were all trying to…

10. 03. 2020 Franco Federico Log-SIEM, NetEye

Monitoring COVID-19 with NetEye – An Italian Use Case

The use case of this blog is about monitoring COVID-19 in Italy. The data used is public, and the source is the Protezione Civile (Italian Civil Protection Office), which updates the data every day after 18:00 on GitHub at the following link: https://github.com/pcm-dpc/COVID-19/tree/master/ I found the data in various formats and I chose to analyze…

02. 03. 2020 Franco Federico Log-SIEM, NetEye

Preventing a Brute Force Attack with NetEye SIEM

I have several clients who’ve asked me how they can prevent a brute force attack inside their Windows Infrastructure. This is the use case for this blog post, a solution for which I’ve been studying using NetEye together with its SIEM module. I’ve used a Windows client here, but it’s the same for any server…

30. 12. 2019 Franco Federico Log-SIEM, NetEye

Graph in NetEye with Elastic Stack

In the past I’ve written in this blog post about Elastic Stack and its features. Here I’d like to show you more in depth the functionality of Graph analytics. The Graph analytics features enable you to discover how items in an Elasticsearch index are related. It’s possible to explore the connections between indexed terms and…

30. 09. 2019 Franco Federico Log-SIEM

Filebeat and Log UI in NetEye

In a previous blog I explored beats such as Icingabeat and presented an overview of the new features present in NetEye since version 4.6. I’d like to explore the following use case: collect some logs from Elasticsearch, Logstash, the operating system that hosts NetEye, and MySQL using beats (Filebeat), all in order to show the…

24. 07. 2019 Franco Federico Anomaly Detection, Log-SIEM, NetEye

Welcoming Elastic Stack X-Pack to NetEye 4

On June 13, we announced a new OEM Partnership with Elastic, and Elastic updated its relationship with OEM, MSP and CSP partners, with the result that in NetEye 4 we now have some new features. Starting with NetEye 4.6, you can now activate the X-Pack feature. After I activate X-Pack and open NetEye, I see:…

30. 05. 2019 Franco Federico Log-SIEM

Beats and NetEye 4

NetEye 4 is composed of various modules, such as the NetEye 4 Log Manager that houses Elastic Stack with Search Guard. Our vision for the future of the NetEye 4 Log Manager is shown in the following diagram: Here you can see the various modules and technologies. For instance, you can see that we have…
