Blog Entries

16. 10. 2019 Michele Santuari NetEye, NetEye Updates

Bug Fixes for NetEye 4.8

We fixed a bug where the Elasticsearch exists query does not work properly because a Search Guard role applies restricted access to one or more fields. For NetEye 4.8 we updated: searchguard-plugin-common, searchguard-plugin-common-autosetup, elasticsearch-plugin-searchguard, elasticsearch-plugin-searchguard-autosetup, elasticsearch-plugin-searchguard, kibana-plugin-searchguard, kibana-plugin-searchguard-autosetup, kibana-plugin-searchguard updated to version: 8.0.2-1

15. 10. 2019 Michele Santuari NetEye, NetEye Updates

Bug Fixes for NetEye 4.8

We fixed the Logstash configurations to allow a template to be applied to Elasticsearch during Logstash’s startup. Moreover, we created a Logstash template to configure the Logstash replica that applies to both single instances and clusters. The new indices matching the pattern logstash-* will automatically configure the replica with the range 0-1 using the index.auto_expand_replicas setting. For NetEye 4.8 we updated: elasticsearch, elasticsearch-autosetup,…

02. 10. 2019 Michele Santuari Log Management, NetEye

How to Solve a Full Elasticsearch Disk

In a previous Blog, I described some basic steps to debug problems with the Elastic Stack. In this blog post, I want to highlight another behavior that might occur when your Elastic Stack cluster is in a green state, but it is not able to write new logs. This situation usually happens when there is…

30. 09. 2019 Michele Santuari Log Management, NetEye, NetEye Updates

NetEye 4.7 Log Manager: Elastic 6.8.2 Update

Elastic 7.3 is coming to NetEye 4.8. In order to prepare for this significant change, you must first update Log Manager on NetEye 4.7 to receive the Elastic 6.8.2 update that will set up the necessary migrations for updating Elasticsearch, Logstash and Kibana. In addition to the ELK stack, SearchGuard will also be updated to…

09. 08. 2019 Michele Santuari NetEye, NetEye Updates

Bug Fixes for NetEye 4.7

Allow overriding the Elasticsearch quorum (e.g., minimum_master_nodes). Documentation can be found in User Guide -> Log Manager -> Elasticsearch Clusters. For NetEye 4.7 we updated: icingaweb2-module-logmanager to version: 0.26.3-1, elasticsearch-neteye-config to version: 1.7.4-1

28. 06. 2019 Michele Santuari Log Management, NetEye

How to Debug NetEye Log Management

In a previous blog post I presented how the Log Management architecture fits in a NetEye cluster, and now I want to summarize my recent experiences to help you diagnose Elasticsearch health issues. Elasticsearch provides a set of APIs which help to identify and debug a number of potential causes. But NetEye Log Management is…

05. 04. 2019 Michele Santuari NetEye Updates

Bug fixes for NetEye 4.4

The Elasticsearch searchguard.nodes_dn configuration was incorrect for cluster environments. For NetEye 4.4 we updated: elasticsearch-neteye-config to version 1.5.1-1; elasticsearch-plugin-searchguard to version and elasticsearch-plugin-searchguard-autosetup to version 6.5.4_24.0_neteye0.5.2-1; searchguard-plugin-common and searchguard-plugin-common-autosetup to version 0.6.1-1; neteye-setup to version 1.7.3-1

03. 04. 2019 Michele Santuari Log Auditing, NetEye

How to Manage Permissions in Log Analytics with NetEye 4

NetEye 4 Log Manager, as already presented in this blog post, allows you to easily manage the collection, navigation, visualization and analysis of large numbers of logs. For many reasons, I as a user may want to limit log access to a subset of users. For example a network administrator should only see the logs…

27. 12. 2018 Michele Santuari Development, NetEye

Research & Development – Poker Planning (Part 3)

I described in a prior blog post the so-called Backlog which is used not only by the Research & Development team but also by the other teams in the System Integration unit. The Backlog Refinement meeting is focused on the prioritization and re-ordering of tasks, and this activity cannot be achieved without properly estimating effort. In this…

05. 12. 2018 Michele Santuari Development, NetEye

Research & Development – Backlog (Part 2)

We described in a prior blog post how the Research & Development team has adopted a full Agile approach. Although the basic principles remain unchanged and all team members have embraced a mindset of self-organization and team collaboration, in recent years new challenges have arisen that require continuous improvements in our methodologies. In particular, in this blog post we…

04. 12. 2018 Michele Santuari NetEye Updates

Updated icingaweb2 and icingaweb2-module-update for NetEye 4.3

Updated icingaweb2 to version 2.6.1_neteye1.20.2-1 and icingaweb2-module-update to version 0.4.2-1 for NetEye 4.3: Fixed: Missing instructions in the “Additional Modules” user guide page.

03. 12. 2018 Michele Santuari NetEye Updates

Updated icinga2, icingaweb2, neteye, neteye-setup, elasticsearch-neteye-config, elasticsearch-plugin-searchguard, searchguard-plugin-common for NetEye 4.3

Updated icinga2 to version 2.10.1_neteye1.4.8-1, icingaweb2 to version 2.6.1_neteye1.20.1-1, neteye to version 4.3.0-8, and neteye-setup to version 1:1.0.0-1 for NetEye 4.3: Fixed: A cluster’s external and internal hostnames must be configurable (NET4-100). Updated elasticsearch-neteye-config to version 1.3.2-1, elasticsearch-plugin-searchguard to version 0.3.1-1, and searchguard-plugin-common to version 0.3.1-1 for NetEye 4.3: Fixed: Adapt the configuration to use the internal hostname…

21. 11. 2018 Michele Santuari NetEye Updates

Updated elasticsearch-neteye-config and icingaweb2-module-update for NetEye 4.3

Updated elasticsearch-neteye-config to version 1.3.1-1 for NetEye 4.3: Fixed: Config file is recreated and Elasticsearch is restarted during each execution of the neteye_secure_install script in a cluster environment. Updated icingaweb2-module-update to version 0.4.1-1 for NetEye 4.3: Fixed: Notification for the update is present in brand new installations.

05. 10. 2018 Michele Santuari Log Auditing, NetEye

How an Elasticsearch Cluster Fits in with a NetEye Cluster

This blog post describes the basic architecture of an Elasticsearch cluster. The deployment of a cluster is needed to provide high-availability and, whenever possible, to increase performance. NetEye 4’s clustering service is based on RedHat 7’s High Availability Clustering technologies: Corosync: Provides group communication between a set of nodes, application restart upon failure, and a quorum…

29. 06. 2018 Michele Santuari NetEye Updates

Updated neteye-monarch to 4.7.6-1 for NetEye 3.13

Fixed: Export to InfluxDB does not consider InfluxDB retention policies (NMONARCH-141)
