Blog Entries

28. 10. 2022 Enrico Alberti Log Management, Log-SIEM, NetEye

Syslog Collection with Elastic under Distributed NetEye Monitoring

Anyone who has joined the beautiful world of logging has collided, sooner or later, with the collection via syslog protocol. More than 40 years have passed since syslog was invented, and in that time there have been several attempts by the IETF to create a standard around this world (RFC 3164 and RFC 5424). Even…

24. 12. 2021 Enrico Alberti Log Management, NetEye

Log Management through NetEye Satellites

In the enormous world of Log Collection, quite often customers need to collect logs from various systems in remote locations, like from an office in another country. For Icinga we know that the latest NetEye 4.20 release fully supports distributed monitoring, but what about the Log Manager and SIEM modules? Is it possible to use…

18. 12. 2020 Juergen Vigna Log Management, Log-SIEM, NetEye

Monitor Microsoft Exchange Logs Using NetEye 4 Log Management

So you have a Microsoft Exchange mail server infrastructure and want full control over it using the NetEye 4 Log Management module? Yes, you can do that. An Exchange server writes out various log files: MessageTracking, Imap4/Pop3, Smtp, IIS logs. To be able to send these logs to NetEye you have to install the Filebeat…

06. 08. 2020 Mirko Bez Log Management

Firewall Log Collection: An Elastic Stack Performance Tuning Fairy Tale

In this blog post I will describe my experience with ingesting logs from a Fortinet firewall at a customer site. During this process I exploited the brand new Filebeat 7.8.0 Fortinet module. In particular, I will describe how I went from 3K events per second (eps) to 32K eps, more than a 10x improvement.
