Blog Entries

19. 01. 2022 Camilla Biamino Events, Log-SIEM, NetEye, Service Management, Training

New Year – New NetEye Training

Calendar 2022 NetEye Fundamental WPN4-FUNGet an introduction to the fundamentals of our monitoring platform. Learn to handle its main features, distinguish between basic and core concepts, and to choose the proper monitoring configuration design. NetEye Advanced WPN4-ADVLearn advanced NetEye concepts and how to deal with the tool. Master different NetEye functionalities to face particular situations…

Read More
13. 01. 2022 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bugfixes for NetEye 4.21, 4.20, 4.19: Elasticsearch License Renewal

The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoy all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases however, can be updated manually. In the case the health-check light/01004_elastic_license_check.sh is preventing you…

Read More
31. 12. 2021 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Real Time Log Signing on Fleet-managed Elastic Agents – A Preliminary Investigation

The R&D Team is currently working on the integration of the new Elastic Fleet management tool in NetEye 4. Once Elastic Fleet is fully integrated in NetEye 4, all of the Log Management features currently supported will also need to work with the Elastic Fleet. In particular, the integration of Elastic Fleet with the Log…

Read More
24. 12. 2021 Enrico Alberti Log Management, NetEye

Log Management through NetEye Satellites

In the enormous world of Log Collection, quite often customers need to collect logs from various systems in remote locations, like from an office in another country. For Icinga we know that the latest NetEye 4.20 release fully supports distributed monitoring, but what about the Log Manager and SIEM modules? Is it possible to use…

Read More
28. 10. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.20

We fixed a bug which prevents the activation of log signature via Icinga Director for hosts with hostname different than FQDN. Another bug we fixed was causing neteye_secure_install to fail in the cluster environment when influxdb was restarted. In addition, we fixed the background of the quick navigation that was transparent in some conditions. For…

Read More
07. 09. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.19

We fixed two bugs in Logstash: an issue related to corrupted jvm.options configuration files, which prevents Logstash from starting properly a pipeline bug will cause Logstash to index every time in the same index which will grow up infinitely if a proper rollover template is not defined For NetEye 4.19 we updated the following packages:…

Read More
18. 08. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug in Logstash pipelines which causes, in some cases, logs to be written on the day before invalidating the logmanager blockchain. For NetEye 4.19 we updated the following packages: elasticsearch elasticsearch-autosetup elasticsearch-neteye-config elasticsearch-xpack-license elastic-stack-userguide filebeat filebeat-autosetup filebeat-neteye-config kibana kibana-autosetup kibana-neteye-config logstash logstash-autosetup logstash-neteye-config logstash-neteye-config-autosetup to version 7.12.1_neteye3.30.1-1

Read More
12. 08. 2021 Franco Federico Log Management, NetEye

GDPR and AS400: Collecting Administrator Logs

We have several customers using IBM AS400 whom we’ve helped in the past collect logs of system administrators under NetEye 3. Now with NetEye 4 we’ve improved log collection, making it compliant with the ECS standard and configuring a special internal port (5514) for NetEye to process these logs and syslog logs in general. Let’s…

Read More
01. 07. 2021 Damiano Chini Log Management, Log-SIEM, NetEye

El Proxy – Error Handling

Beginning with NetEye 4.17, the NetEye Log Management module has been able to rely on the new Real Time Log Signing architecture, which aims to overcome some weaknesses in the previous Log Management implementation based on rsyslog. One of the core components of the new architecture is the new El Proxy daemon, whose tasks are…

Read More
10. 05. 2021 TobiasGoller Log-SIEM, NetEye

Installing Elastiflow on NetEye SIEM

First of all, I’d like to explain in simple terms what Elastiflow is all about. ElastiFlow is a NetFlow analyzer that works with the Elastic Stack. The Elastiflow Analyzer can collect various network flows, such as netflow or sflow, and write them to Elastic, taking into account the ECS format. In addition, the Elastiflow Analyzer…

Read More
07. 05. 2021 Franco Federico Log Management, Log-SIEM, NetEye

Collecting Network and DNS Logs on Your Infrastructure

Several customers have asked us how they can collect DNS logs. In our solution, we proposed a Packetbeat Agent that allows you to collect data and send them to our centralized NetEye SIEM directly, or via a NetEye satellite. The Domain Name System (DNS) provides a hierarchy of names for computers and services on the…

Read More
29. 04. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.17

We fixed a bug in the SIEM Module, which prevented Kibana Canvas to work properly. For NetEye 4.17 we updated the following packages: icingaweb2-module-kibana and icingaweb2-module-kibana-autosetup to version 1.17.1-1

Read More
22. 04. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.17

SIEM Module We fixed a bug in SIEM Module which prevents Kibana to generate reports. For NetEye 4.17 we updated the following packages: elasticsearch elasticsearch-autosetup elasticsearch-neteye-config elasticsearch-xpack-license filebeat filebeat-autosetup filebeat-neteye-config kibana kibana-autosetup kibana-neteye-config logstash logstash-autosetup logstash-neteye-config logstash-neteye-config-autosetup to version 7.10.1_neteye3.22.1-1. Tornado Module We fixed a bug in Tornado which prevented, in cluster installations, the configuration…

Read More
21. 04. 2021 Mirko Bez Log Management, NetEye, Unified Monitoring

Automatically Detecting Tornado Anomalies through its Logs

Tornado is an event-driven engine that substitutes the previous engine called Eventhandler. Its use in NetEye is becoming ubiquitous, and this is just the start! One of its main uses in the NetEye ecosystem is to trigger status changes within Icinga (this in turn will usually send emails to stakeholders). However, understanding exactly what is…

Read More
01. 04. 2021 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Log Management – Real Time Log Signing

Meeting the highest security standards is an absolute priority in NetEye. For this reason, in the continuous process of improving security in NetEye 4, we brought an important architectural improvement in the Log Manager module in the NetEye 4.17 release. The new architecture takes the name of Real Time Log Signing and its main focus…

Read More

Archive