Bug Fixes for NetEye 4.21
We fixed a bug in NetEye 4.21 that made the neteye secure install restart the httpd service on passive nodes of a cluster as well. For NetEye 4.21 we updated the following packages: lampod to version 1.1.1-1
We fixed a bug where renames of files through an Icinga 2 service would write extra lines to the Plugin Output. For NetEye 4.21 we updated the following packages: libhookrename to version 1.0.1-1
Calendar 2022
NetEye Fundamental (WPN4-FUN): Get an introduction to the fundamentals of our monitoring platform. Learn to handle its main features, distinguish between basic and core concepts, and to choose the proper monitoring configuration design.
NetEye Advanced (WPN4-ADV): Learn advanced NetEye concepts and how to deal with the tool. Master different NetEye functionalities to face particular situations…
We decided to carry out an evaluation of Elastic’s EDR using the APT Simulator (https://github.com/NextronSystems/APTSimulator) tool. This tool is widely used within the cyber security community and is highly reputed, as it was developed by Florian Roth, who also created the Sigma Rule project. APT Simulator is a Windows Batch script that uses a set…
Within our Attacker Centric Security Operation Center, we look for the best detection rules every day to help you detect attack scenarios. One of the most important projects that we use as a source in this area is without doubt that of Sigma Rule (https://github.com/SigmaHQ/sigma). The project, founded by Florian Roth (https://www.linkedin.com/in/floroth/), has almost 300…
The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoying all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases, however, can be updated manually. In the case the health-check light/01004_elastic_license_check.sh is preventing you…
We fixed three bugs in NetEye 4.21: a bug that prevented the user from importing Saved Objects using the Kibana GUI; a bug that prevented the user from enriching the logs going through El Proxy with Elasticsearch Ingest Pipelines; a bug in the documentation which makes it unclear in certain situations whether to execute command on the standby…
In this article I’ll show you how to use information from NeDi to build network maps using draw.io.
Getting Data from NeDi
NeDi is an open source software tool which discovers, maps and inventories your network devices and tracks connected end nodes. In the NeDi database there are three tables that provide the data needed…
The R&D Team is currently working on the integration of the new Elastic Fleet management tool in NetEye 4. Once Elastic Fleet is fully integrated in NetEye 4, all of the Log Management features currently supported will also need to work with the Elastic Fleet. In particular, the integration of Elastic Fleet with the Log…
When I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…
As I promised you some time ago, I want to tell you about a free App in the Atlassian Marketplace which for me is a must-have. The app is called Clockwork Automated Timesheet Free and it can be found on the Atlassian Marketplace. The numbers speak for themselves: More than 4,700 downloads at the end…
In this post, I’ll describe a little Proof of Concept (PoC) that I developed to better understand Elasticsearch’s APM-Tracing and Real User Monitoring (RUM). We’ll see how we can use this technology to keep track of interactions between frontend and backend service(s), collect error logs centrally, and see where the bottlenecks are. I’ll put the…
ServiceNow
ServiceNow is a digitalization and workflow management platform that provides ITSM (Information Technology Service Management) solutions and, more recently, ITOM (IT Operations Management), ITBM (IT Business Management) and other types of solutions related to the IT world. In large companies this type of software obviously has a strategic value. They have a complex architecture,…
The Business Process module is one of the most useful modules in NetEye, but it’s often underestimated. A Business Process offers a way to model relations between objects monitored by NetEye (hosts and services), allowing you to model applications or infrastructures. They also allow you to drill down into the details, from high-level services to…
During 2021 we decided to officially support Satellites as part of NetEye. Satellites were already widely used by our customers, in particular as part of the Icinga 2 monitoring infrastructure, but a complex manual configuration was required to install them. The development team faced a difficult challenge in fully supporting Satellites: providing an easy-to-use solution…