Blog Entries

09. 11. 2020 Franco Federico Log-SIEM, NetEye

CVE – Common Vulnerabilities and Exposures in NetEye

The Common Vulnerabilities and Exposures (CVE) system provides a reference method for publicly known information security vulnerabilities and exposures. The National Cybersecurity FFRDC, operated by the MITRE Corporation, maintains the system with funding from the National Cyber Security Division of the United States Department of Homeland Security. The system was officially launched for the public…

Read More
18. 08. 2020 Franco Federico Log-SIEM

Why NetEye SIEM?

As the number of cybercrime events, incidents of identity theft, theft of intellectual property, and cyberattacks continue to rise, there is an increasing need to provide adequate network security to defend against these types of threats to organizations. Defending against these types of threats is very difficult for an organization, and the attacker will always…

Read More
16. 04. 2020 Franco Federico NetEye, Visual Synthetic Monitoring

Monitoring Users’ Online Experience when Ordering during the COVID-19 Emergency

After the government recently passed a law asking everyone to limit travel and gatherings, I decided to only shop online. I’m not alone in this – many other people decided to do this too, bringing the sites that provide these services down to their knees, since a large number of users were all trying to…

Read More
10. 03. 2020 Franco Federico Log-SIEM, NetEye

Monitoring COVID-19 with NetEye – An Italian Use Case

The use case of this blog is about monitoring COVID-19 in Italy. The data used is public, and the source is the Protezione Civile (Italian Civil Protection Office), which updates the data every day after 18:00 on GitHub at the following link: https://github.com/pcm-dpc/COVID-19/tree/master/ I found the data in various formats and I chose to analyze…

Read More
02. 03. 2020 Franco Federico Log-SIEM, NetEye

Preventing a Brute Force Attack with NetEye SIEM

I have several clients who’ve asked me how they can prevent a brute force attack inside their Windows Infrastructure. This is the use case for this blog post, a solution for which I’ve been studying using NetEye together with its SIEM module. I’ve used a Windows client here, but it’s the same for any server…

Read More
30. 12. 2019 Franco Federico Log-SIEM, NetEye

Graph in NetEye with Elastic Stack

In the past I’ve written in this blog post about Elastic Stack and its features. Here I’d like to show you more in depth the functionality of Graph analytics. The Graph analytics features enable you to discover how items in an Elasticsearch index are related. It’s possible to explore the connections between indexed terms and…

Read More
30. 09. 2019 Franco Federico Log-SIEM

Filebeat and Log UI in NetEye

In a previous blog I explored beats such as Icingabeat and presented an overview of the new features present in NetEye since version 4.6. I’d like to explore the following use case: collect some logs from Elasticsearch, Logstash, the operating system that hosts NetEye, and MySQL using beats (Filebeat), all in order to show the…

Read More
24. 07. 2019 Franco Federico Anomaly Detection, Log-SIEM, NetEye

Welcoming Elastic Stack X-Pack to NetEye 4

On June 13, we announced a new OEM Partnership with Elastic, and Elastic updated its relationship with OEM, MSP and CSP partners, with the result that in NetEye 4 we now have some new features. Starting with NetEye 4.6, you can now activate the X-Pack feature. After I activate X-Pack and open NetEye, I see:…

Read More
30. 05. 2019 Franco Federico Log-SIEM

Beats and NetEye 4

NetEye 4 is composed of various modules, such as the NetEye 4 Log Manager that houses Elastic Stack with Search Guard. Our vision for the future of the NetEye 4 Log Manager is shown in the following diagram: Here you can see the various modules and technologies. For instance, you can see that we have…

Read More
21. 03. 2019 Franco Federico Log-SIEM, NetEye

Field Anonymization with NetEye 4 for GDPR

The regulations of the GDPR in many cases require that some user data is not always present, and / and or that they are anonymized.  So I would like to show you now how NetEye 4 responds to this new requirement. NetEye 4 is composed of various modules. In the NetEye 4 Log Manager, we have Elastic…

Read More
21. 12. 2018 Franco Federico Icinga News, NetEye

How to Monitor Icinga 2 Itself with Icingabeat

NetEye 4 is based on Icinga 2. How can we monitor it? There are several options available; here I choose Icingabeat and test it. Icingabeat is an Elastic Beat that fetches data from the Icinga 2 API and sends it directly to either Elasticsearch or Logstash. In my case, I wanted to send the information…

Read More
28. 09. 2018 Franco Federico Asset Management, NetEye

How to Change the Default Language in OCS Inventory

OCS Inventory is part of our Asset Management module integrated into NetEye. Open Computer and Software Inventory Next Generation (OCS Inventory NG) is free software that enables users to inventory IT assets. OCS-NG collects information about the hardware and software of networked machines from the machines themselves running the OCS client program (“OCS Inventory Agent”)….

Read More

Archive