Blog Entries

31. 12. 2024 Alessandro Valentini DevOps

GitOps: Pull-based vs Push-based Approaches

When approaching a GitOps workflow you’ll soon have to choose between push- and pull-based approaches. In this blog post I’ll explain the high-level differences of each approach with pros and cons. What is GitOps? GitOps stands for Git Operation: in this workflow all the infrastructure configurations are stored in a Git repository, which represents the…

Read More
31. 12. 2024 Rocco Pezzani Business Service Monitoring, ITOA, NetEye, SLM, Unified Monitoring

Display a Service’s Availability with ITOA

This is that Time of the Year when you begin preparing all your SLA Reports to help you understand how your important services behaved during the year itself. It’s like the end of a horse race, when the bets are settled and you realize whether the bets you placed were right or not. And since…

Read More
31. 12. 2024 Gabriele Cecco Atlassian, Service Management

How to Use the New ‘Request Type Groups’ Feature in Jira Service Management

Have you always found Portal Groups in Jira Service Management (JSM) to be useful for organizing and triaging requests, but noticed they couldn’t be used to filter issues? Atlassian has addressed this limitation with a new categorization feature called “Request Type Groups,” which now enables grouping and filtering requests by these groups. This feature may…

Read More
30. 12. 2024 Alessandro Taufer DevOps, Log-SIEM

Configure Kubernetes Index Lifecycle Policies in Elastic Stack

If you’re monitoring an OpenShift or a Kubernetes cluster with Elastic Stack, you might’ve noticed that the Kubernetes integration uses the default Index Lifecycle Policy. It means that those logs and metrics have an unlimited retention. If the volume of logs is high – and for Kubernetes clusters it usually is – it won’t be…

Read More
30. 12. 2024 Damiano Chini APM, Development, NetEye

Supporting HTTP/2 and gRPC in nginx

Since its introduction the HTTP/2 protocol has been adopted more and more in servers and clients applications thanks to its improved performance compared to its ancestor HTTP/1.1. This poses an issue to services exposed via nginx, since some specific configurations are needed on nginx in order to allow clients and servers to fully use the…

Read More
30. 12. 2024 Gabriele Cecco Atlassian, Service Management

How to Schedule Issues with the New Calendar View in Jira Service Management

Jira Service Management now includes a new feature that lets you easily schedule your activities. What? You haven’t activated it yet? No worries, you’re in the right place! Here’s a quick guide to how to enable it and make the most out of it in just a few clicks. How to Enable the Calendar View If…

Read More
30. 12. 2024 Beatrice Dall'Omo Red Team, SEC4U

Exploring Authenticated Scans in Greenbone

While traditional vulnerability scanning techniques provide valuable insights from the outside, authenticated scans offer a deeper, more comprehensive understanding of system security by providing more vulnerability details on the scanned system from an internal perspective.  By leveraging valid system credentials, Greenbone’s authenticated scans provide critical insights about system configurations, software versions, and potential internal weaknesses…

Read More
30. 12. 2024 Alessandro Taufer DevOps, Log-SIEM

Optimizing Log Collection in Kubernetes/OpenShift with Elastic Stack

When monitoring Kubernetes clusters using Elastic Stack, the volume of logs can be overwhelming, often reaching gigabytes per minute. This is particularly true for OpenShift clusters, where significant traffic originates from system namespaces you might not be familiar with. Optimizing log collection becomes crucial for maintaining system efficiency and resource utilization. Success in this endeavor…

Read More
30. 12. 2024 Beatrice Dall'Omo Blue Team, Red Team, SEC4U

Red and Blue Team Cooperation: Attack to Improve

Nowadays attacks evolve over time and threat actors are following different ways to reach the same objectives. This could represent a problem on the defensive side. How can you always be up-to-date and ready to detect, but then when a vulnerability is exploited be able to act in several ways depending on the threat actor?…

Read More
29. 12. 2024 Fabrizio Dovesi Atlassian, Service Management

Let’s Repopulate the Community of “Pandas 🐼” Who are Happy with How Their Company Handles Documentation

This post offers a simple and pragmatic way to manage your company’s knowledge base with an SaaS product like Confluence. Why are we always here talking about the documentation problem? The title of this post references the Panda, an endangered animal that has become a symbol of the WWF since its founding in 1961.The panda…

Read More
29. 12. 2024 Andrea Mariani Log-SIEM, NetEye

How to Configure Kibana to Use a Proxy Server with a Certificate via the NODE_EXTRA_CA_CERTS Variable

When using Kibana in environments that require a proxy to reach external services, you might encounter issues with unrecognized SSL certificates. Specifically, if the proxy is exposed with its own certificate and acts as an SSL terminator, requests made by Kibana to external URLs can fail with HTTP status code errors. In this blog post,…

Read More
27. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Elastic Universal Profiling – Profiling native code

In a previous post we went through the configuration of Elastic Universal Profiling in NetEye, seeing how we can profile applications written in programming languages that do not compile to native code (for example Python, PHP, Perl, etc.) But what happens if the application is written for example in C, Go or Rust? Let’s take…

Read More
23. 12. 2024 Beatrice Dall'Omo Red Team, SEC4U

Developing Integrations for Greater Efficiency: Jira and Invicti

In today’s digital landscape where cyber threats are constantly evolving, recurring vulnerability scanning is not only a best practice, but a strategic imperative with the aim of minimizing exposure to potential risks. Regular vulnerability scanning helps identify weaknesses in systems, applications and infrastructures, allowing them to be addressed in a timely and strategic way before…

Read More
23. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Continuous Profiling with NetEye – Elastic Universal Profiling

Elastic 8.16, which comes with NetEye 4.39, made Elastic Universal Profiling generally available for self-hosted installations. This means that NetEye SIEM installations will now be able to take advantage of the continuous profiling solution by Elastic. In this blog post we’ll explain what you can achieve with continuous profiling, and how you can configure it…

Read More
23. 12. 2024 Mirko Morandini Asset Management, Service Management

GUI-based Setup of GLPI Network Inventory: The Agent Toolbox

GLPI agents have various additional functionalities, from network discovery to remote inventory and ESX inventory. These can be controlled either directly from the command line (see my colleague’s blog https://www.neteye-blog.com/2024/07/glpi-device-discovery/ for some practical examples) or in a centralized way from the server, via the GLPI Inventory plugin (https://www.neteye-blog.com/2024/12/gui-based-glpi-network-inventory-setup-with-the-glpi-inventory-plugin/). There’s also another handy way to configure…

Read More

Archive