Blog Entries

27. 04. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug in Tornado which caused the default master tenant filter to be skipped if no satellite is configured. For NetEye 4.22 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.18.5-1.

27. 04. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug in Tornado which caused the default master tenant filter to be skipped if no satellite is configured. For NetEye 4.23 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.19.3-1.

22. 03. 2022 TobiasGoller Icinga Web 2, Machine Learning, NetEye

Performance Metrics Collection from NetEye to Elastic

Today my objective is to collect the performance metrics from various NetEye Icinga checks and write them out to Elasticsearch so I can apply Machine Learning (ML) algorithms to identify potential anomalies. This is a task that’s not possible with the open-source version of InfluxDB installed in NetEye. Moreover, this data in Elastic is used…

11. 03. 2022 Enrico Alberti Log-SIEM, NetEye

NetEye for Data Protection Officers

With NetEye 4.22 we released a feature awaited for years: the ability to reach the Elasticsearch API externally, thanks to our NGINX proxy under NetEye. This new feature brings with it a lot of use cases, but what was turning over and over in my head was the automatic process for verification of the blockchains…

02. 03. 2022 Damiano Chini APM, Log-SIEM, NetEye

Observing Events in Tornado with Elastic APM

Sometimes you’d just really like to have an overview of what happens to the Events that flow through Tornado. Where do they come from? Did they get stuck somewhere in the Collectors or in Tornado? Which Tornado Actions did they trigger? Gathering all this information from hundreds of log lines across different services (i.e., Tornado…

31. 12. 2021 Damiano Chini Development, NetEye

Tornado Monitoring and Statistics

When I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…

29. 11. 2021 Attilio Broglio NetEye

Dynamically Manage Traps from a PowerMe UPS in NetEye’s Tornado

UPSs are critical devices that need particular attention when you’re monitoring them. Most of them are not very performant with respect to SNMP requests you send them. For this reason, passive monitoring via SNMP traps is the best solution. In this way, monitoring doesn’t burden the hardware with useless requests. In this session we’ll look…

12. 11. 2021 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.20

We fixed a bug in NetEye 4.20 where the tornado rsyslog collector fills the disk with logs. For NetEye 4.20 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-dto, tornado-neteye-config, tornado-rsyslog-collector-logmanager to version 1.10.1-1

18. 10. 2021 Mirko Bez NetEye, Unified Monitoring

Avoid Tornado Rules Repetition with a Map Post-modifier

In this post I’ll describe a concrete use case of the Tornado Map Modifier that will enable us to cover in a single rule many cases in both a user-friendly and performance-friendly way. This feature of Tornado allows us to avoid a common anti-pattern: the repetition of rules with minimal differences. This anti-pattern creates a…

30. 09. 2021 Damiano Chini Development, NetEye

Tornado: Tracing

How can we allow a Tornado administrator to successfully track down the flow of an event through Filters, Rules and Actions of Tornado, when Tornado is processing thousands of events per second? Tornado administrators can have a hard time reading Tornado logs to understand where for example an action error comes from. Take this log…

22. 04. 2021 Alessandro Valentini Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.17

SIEM Module: We fixed a bug in the SIEM Module which prevented Kibana from generating reports. For NetEye 4.17 we updated the following packages: elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, elasticsearch-xpack-license, filebeat, filebeat-autosetup, filebeat-neteye-config, kibana, kibana-autosetup, kibana-neteye-config, logstash, logstash-autosetup, logstash-neteye-config, logstash-neteye-config-autosetup to version 7.10.1_neteye3.22.1-1. Tornado Module: We fixed a bug in Tornado which prevented, in cluster installations, the configuration…

21. 04. 2021 Mirko Bez Log Management, NetEye, Unified Monitoring

Automatically Detecting Tornado Anomalies through its Logs

Tornado is an event-driven engine that substitutes the previous engine called Eventhandler. Its use in NetEye is becoming ubiquitous, and this is just the start! One of its main uses in the NetEye ecosystem is to trigger status changes within Icinga (this in turn will usually send emails to stakeholders). However, understanding exactly what is…

11. 01. 2021 Nicolae Caragia NetEye, Unified Monitoring

Microsoft Icinga2 Agent Deployment Automation with Tornado and NATS

As a NetEye user I might want to install a Remote Host Agent that belongs to a Zone that can’t communicate directly with the Master. So to be able to do this, we decided to use Tornado and NATS. Linking with Patrick’s article, in this article I’ll explain how to configure them. What we want…

11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Tornado Webhooks and Smart Monitoring (part 2)

In my previous post I showed you how to make your own alerts on NetEye SIEM by using the Elastic Watcher and Alerts and Actions features. But if we work in production environments, what we really need is an alert that can go directly to NetEye’s Monitoring Overview. How can we manage SIEM alerts and…

30. 12. 2020 Damiano Chini NetEye

VMD – Tornado Integration

We introduced an interesting new feature into NetEye starting in version 4.13 that permits integrating vSphereDB with Tornado. By being able to process vSphereDB Events and Alarms with Tornado rules and actions, you can for example use vSphereDB to dynamically monitor Virtual Machines and Hosts. Architecture: Finding a way to send Alarms and Events stored…
