Blog Entries

27. 03. 2020 Robert Leuze Log Management, Log-SIEM, NetEye

Data Security in the Würth Group

With SIEM we ensure maximum security in the management of sensitive data. Even the safest bulwarks require permeable zones. The same applies to the security systems we use to protect our data from unauthorized access. But every system, no matter how meticulously monitored, contains security gaps. When these become known, it is the task of…

27. 03. 2020 Andrea Avancini Business Service Monitoring, NetEye

NetEye Automatic Provisioning in vSphere — Part 3

In the previous blog post in our #devops series, we discussed how to automatically provision a NetEye cluster with virtually zero hassle. Thanks to Ansible, in fact, we dramatically reduced the amount of manual effort needed to generate a fully working cluster. This, in turn, opened up an opportunity to boost our cluster testing infrastructure…

26. 03. 2020 Alessandro Valentini NetEye

NetEye Voting-only Node

A common issue in cluster environments is the split brain condition. A split brain occurs when some nodes of the cluster are not able to communicate properly, but instead continue to work like two separate, distinct clusters, leading to data or service inconsistency. To prevent this situation, a common solution is to introduce the concept…

26. 03. 2020 Nicolae Caragia NetEye

Report Problems By Email – NetEye 4

Use case: I want to send a PDF with service problems by email. Let’s suppose a client wants to receive an email containing a file with a list of all service problems. Unfortunately, the SLM module doesn’t have the ability to specify the filter service_state on the object field, so I modified the export_csv_export.php…

26. 03. 2020 Valentina Da Rold Bug Fixes, NetEye

Bug Fixes for NetEye 4.10

For the SLM module, we fixed a bug that didn’t correctly clean up Monitored Object related “Event Adjustments” once a host or service has been deleted. For the module GLPI Plugin OCSInventoryNG, we fixed an auto-setup script that blocked the neteye_secure_install execution during a clean installation of the neteye-asset group in a cluster environment. For…

24. 03. 2020 Valentina Da Rold Bug Fixes, NetEye

Bug Fixes for NetEye 4.10

For the module SLM, we fixed a bug that didn’t allow users to save SLA Type form without including “downtimes” and Contract form without considering “Event Adjustments”. For NetEye 4.10 we updated: icingaweb2-module-slm, icingaweb2-module-slm to version 2.16.1-1

23. 03. 2020 Nicolae Caragia NetEye

Deploy Dashboard – NetEye4

Use case: I want to deploy different dashboards for different Group Users or specific Users in NetEye4. At the following URL you can find the script: https://github.com/caragian/dashboard/tree/master/dashboard_configurator This script allows you to deploy a template dashboard to: a list of users; all members of a specific AD group (LDAP). The requirements are: Python3; a user…

23. 03. 2020 Juergen Vigna NetEye, Unified Monitoring

Monitoring iSeries Hosts with NetEye

Last week I had to implement monitoring checks for a customer’s host running an IBM iSeries server. As the monitoring for that is a bit particular, I’d like to share what I did, and also share with you an Icinga2 Basket containing the monitoring structure. Where to Find the Necessary Files: You may download the…

20. 03. 2020 Alessandro Valentini Bug Fixes, NetEye

Bug Fixes for NetEye 4.10

Fixed a bug that overrode Logstash certificates when neteye_secure_install is executed, preventing external Beats from connecting to Logstash. For NetEye 4.10 we updated: elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, elasticsearch-xpack, elasticsearch-xpack-autosetup, kibana, kibana-autosetup, kibana-neteye-config, kibana-xpack, kibana-xpack-autosetup, logstash, logstash-neteye-config, logstash-neteye-config-autosetup, logstash-xpack, logstash-xpack-autosetup to version 7.4.0_neteye2.7.2-1

13. 03. 2020 Luca Franzoi Bug Fixes, Log Management, Log-SIEM, NetEye, Unified Monitoring

Bug discovered on NetEye module logmanagement and SIEM

A bug has been discovered in the NetEye modules logmanagement and SIEM. If affected, rsyslog directories on the system might be created with wrong permissions, causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message when trying to check signatures for some hosts inside Logmanager Log Check…

10. 03. 2020 Franco Federico Log-SIEM, NetEye

Monitoring COVID-19 with NetEye – An Italian Use Case

The use case of this blog is about monitoring COVID-19 in Italy. The data used is public, and the source is the Protezione Civile (Italian Civil Protection Office), which updates the data every day after 18:00 on GitHub at the following link: https://github.com/pcm-dpc/COVID-19/tree/master/ I found the data in various formats and I chose to analyze…

09. 03. 2020 Enrico Alberti Log-SIEM, NetEye

Store Years of NetFlow Historical Data with Elastic Rollup on NetEye 4.9

Keeping historical data around for analysis is extremely useful but often avoided due to the financial cost of archiving massive amounts of data. Retention periods are thus driven by financial realities rather than by the usefulness of extensive historical data. The Elastic Stack data rollup features provide a means to summarize and store historical data…

06. 03. 2020 Gianluca Piccolo Bug Fixes, NetEye

Bug Fixes for NetEye 4.10

Missing information in the user guide was added. For NetEye 4.10 we updated: icingaweb2* to version 2.7.3_neteye1.64.1-1

02. 03. 2020 Franco Federico Log-SIEM, NetEye

Preventing a Brute Force Attack with NetEye SIEM

I have several clients who’ve asked me how they can prevent a brute force attack inside their Windows Infrastructure. This is the use case for this blog post, a solution for which I’ve been studying using NetEye together with its SIEM module. I’ve used a Windows client here, but it’s the same for any server…

21. 02. 2020 Tobias Goller Log Management, NetEye

Tornado Use Case with Elastic

Before I tell you about one of my latest customer requirements, I would like to briefly explain what our NetEye Tornado module is. In our user guide you will see it written that Tornado is the successor to NetEye’s Event Handler. It is a plugin-based, stateless, scalable rule matching engine written in Rust, based on…
