Blog Entries

26. 01. 2023 Damiano Chini Bug Fixes, Log-SIEM, NetEye

Bugfixes for NetEye 4.27, 4.26, 4.25: Elasticsearch License Renewal

The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoying all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases however, can be updated manually. In the case the health-check light/01004_elastic_license_check.sh is preventing you…

Read More
27. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Adding Settings to Beats Agents’ Templates Based on the Index Name

With the introduction of the Composable Index Templates in Elastic, we at NetEye had to redesign the way index settings and mappings are applied to the indices generated by El Proxy. In this post I’ll explain: The solution explained in the remainder of the post was designed for El Proxy, but it may apply also…

Read More
21. 12. 2022 Damiano Chini Log Management, Log-SIEM, NetEye

How We Verify the Integrity of El Proxy Blockchains Altered by a Retention

El Proxy helps in compliance with GDPR regulations, which, besides the rest, imposes guarantees on the integrity of data and ensures that the data is kept for no longer than a predefined period of time. El Proxy ensures the integrity of the data by saving the data in El Proxy blockchains. The guarantee that data…

Read More
13. 12. 2022 Davide Sbetti Log-SIEM, Machine Learning

Building a Dashboard in Kibana to Keep Track of Your Smart Ingest Pipeline

In a previous article, we used NetEye and Elasticsearch to train a machine learning model able to classify documents about some collected radar signals, separating them into two categories (good vs bad), starting from an existing dataset. Afterwards, we applied it to new incoming documents using an Ingest Pipeline and the Inference Processor. Taking as…

Read More
13. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

How We Sped up El Proxy Verification

Before deploying El Proxy in production we, the R&D Team, carried out numerous benchmarks and reproduced real life scenarios to ensure that the real-time log signing performed by El Proxy would not represent a bottleneck in environments where logs that must respect the Italian “Garante Privacy” regulations are generated with data rates of around 2,000…

Read More
28. 10. 2022 Enrico Alberti Log Management, Log-SIEM, NetEye

Syslog Collection with Elastic under Distributed NetEye Monitoring

Anyone who has joined the beautiful world of logging has collided, sooner or later, with the collection via syslog protocol. More than 40 years have passed since syslog was invented, and in that time there have been several attempts by the IETF to create a standard around this world (RFC 3164 and RFC 5424). Even…

Read More
19. 09. 2022 Davide Sbetti Log-SIEM, Machine Learning

Elasticsearch ML Models and Inference: Real-Time Classification

In a previous article, we explored the Machine Learning capabilities of Elasticsearch, which allowed us to apply anomaly detection techniques to our data, and helped us discover some really interesting facts as a result of our analysis. But can we take that idea even further? For instance, could we use data we’ve already collected to…

Read More
21. 06. 2022 Davide Sbetti Log Management, Log-SIEM

Elastic Transformations: How to Aggregate and Enrich Your Data

In a previous article I analyzed how you can create effective visualizations in Kibana, and how to apply machine learning jobs with the goal of extracting as much information as possible from our data. However, you can also think of data as a raw material, which sometimes needs to be transformed and manipulated before allowing…

Read More
29. 03. 2022 Davide Sbetti Machine Learning, NetEye

Data Exploration in Kibana: from a Simple Visualization to Anomaly Detection

These days we live in a data-driven world, where the collection and analysis of data empowers not only companies but also individuals to plan future actions based on the information that is extracted. NetEye enables both the collection and analysis of an enormous amount of data using various platforms, such as Kibana, for data written…

Read More
22. 03. 2022 TobiasGoller Icinga Web 2, Machine Learning, NetEye

Performance Metrics Collection from NetEye to Elastic

Today my objective is to collect the performance metrics from various NetEye Icinga checks and write them out to Elasticsearch so I can apply Machine Learning (ML) algorithms to identify potential anomalies. This is a task that’s not possible with the open-source version of InfluxDB installed in NetEye. Moreover, this data in Elastic is used…

Read More
15. 03. 2022 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.22

We fixed a wrong behaviour which causes neteye satellite config create to do not work when executed with –tenant parameter. For NetEye 4.22 we updated the following packages: elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, filebeat, filebeat-autosetup, filebeat-neteye-config, apm-server, apm-server-autosetup, apm-server-neteye-config, kibana, kibana-autosetup, kibana-neteye-config, logstash, logstash-autosetup, logstash-neteye-config to version 7.15.0_neteye3.37.2-1

Read More
11. 03. 2022 Enrico Alberti Log-SIEM, NetEye

NetEye for Data Protection Officers

With NetEye 4.22 we released a feature awaited for years: the ability to reach the Elasticsearch API externally, thanks to our NGINX proxy under NetEye. This new feature brings with it a lot of use cases, but what was turning over and over in my head was the automatic process for verification of the blockchains…

Read More
02. 03. 2022 Damiano Chini APM, Log-SIEM, NetEye

Observing Events in Tornado with Elastic APM

Sometimes you’d just really like to have an overview of what happens to the Events that flow through Tornado. Where do they come from? Did they get stuck somewhere in the Collectors or in Tornado? Which Tornado Actions did they trigger? Gathering all this information from hundreds of log lines across different services (i.e., Tornado…

Read More
19. 01. 2022 Camilla Biamino Events, Log-SIEM, NetEye, Service Management, Training

New Year – New NetEye Training

Calendar 2022 NetEye Fundamental WPN4-FUNGet an introduction to the fundamentals of our monitoring platform. Learn to handle its main features, distinguish between basic and core concepts, and to choose the proper monitoring configuration design. NetEye Advanced WPN4-ADVLearn advanced NetEye concepts and how to deal with the tool. Master different NetEye functionalities to face particular situations…

Read More
13. 01. 2022 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bugfixes for NetEye 4.21, 4.20, 4.19: Elasticsearch License Renewal

The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoy all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases however, can be updated manually. In the case the health-check light/01004_elastic_license_check.sh is preventing you…

Read More

Archive