11. 01. 2021 Nicolae Caragia NetEye, Unified Monitoring

Microsoft Icinga2 Agent Deployment Automation with Tornado and NATS

As a NetEye user I might want to install a Remote Host Agent that belongs to a Zone that can’t communicate directly with the Master. So to be able to do this, we decided to use Tornado and NATS. Linking with Patrick’s article, in this article I’ll explain how to configure them. What we want…

11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Tornado Webhooks and Smart Monitoring (part 2)

In my previous post I showed you how to make your own alerts on NetEye SIEM by using the Elastic Watcher and Alerts and Actions features. But if we work in production environments, what we really need is an alert that can go directly to NetEye’s Monitoring Overview. How can we manage SIEM alerts and…

30. 12. 2020 Damiano Chini NetEye

VMD – Tornado Integration

We introduced an interesting new feature into NetEye starting in version 4.13 that permits integrating vSphereDB with Tornado. By being able to process vSphereDB Events and Alarms with Tornado rules and actions, you can for example use vSphereDB to dynamically monitor Virtual Machines and Hosts. Architecture: Finding a way to send Alarms and Events stored…

23. 12. 2020 Patrick Zambelli NetEye

Tornado – Getting in Action with Sample Rules

The new complex event processing engine Tornado has been evolving quite quickly during the last few NetEye releases. As you might imagine after reading the latest NetEye 4.15 release notes, Tornado Editor is becoming very powerful and users will find a comfortable UI for configuring Tornado filters and rules. For me, interacting with Tornado had…

10. 12. 2020 Patrick Zambelli NetEye, Unified Monitoring

Microsoft Icinga2 Agent Deployment Automation with Tornado

When implementing monitoring with Icinga2 you will soon reach the point where you will have to install Agents in order to monitor your infrastructure in-depth. Here the Icinga2 Agent provides concepts to access information about and the properties of an operating system over a secure remote connection. In an enterprise environment consisting of thousands of…

02. 11. 2020 TobiasGoller Unified Monitoring

Tornado Use Case: Receiving Traps

During one of my last customer assignments, I migrated the NetEye Event Handler Trap rules to Tornado. Since many customers use the event handler in a similar way, I’d like to explain here the creation of these rules in Tornado. In the following I’ll briefly explain the following use case: Passive service checks have been…

22. 10. 2020 Alessandro Valentini NetEye, Unified Monitoring

Kentix MultiSensor-LAN: Integration with NetEye4

Kentix MultiSensor is a device which includes many sensors for use in monitoring server and IT rooms. The sensor only needs to be connected to your network (PoE is required) and to have SNMP configured through its web interface. The LAN version we used in this test monitors: Temperature, Humidity, Dewpoint, Fire (carbon monoxide), Motion…

21. 08. 2020 Nicola Degara NetEye, Service Management, SLM, Unified Monitoring

The NetEye and Jira Cloud Ecosystem Is Even More Integrated

Between one trial run and another, in these summer days I’ve also taken my time to deepen the theme on the interaction between NetEye 4 and ticketing systems. For my tests I chose the Jira Service Desk Cloud, and I must honestly say that the result achieved was satisfactory 🙂 As a method of integration…

02. 04. 2020 Damiano Chini NetEye

Tornado Communication over NATS

Until the NetEye 4.10 release, the Tornado module inside NetEye handled communications between its components (the Tornado Collectors and the Tornado Engine) via direct, clear-text TCP connections. On local systems, this configuration does not represent a limitation, since in this case there is no requirement to verify the identity of the peer (it is always…

31. 03. 2020 Mirko Bez Log-SIEM, Unified Monitoring

Real-Time Event Monitoring With Tornado

In this blog post I will describe a potential use of Tornado to monitor events in near real-time, while keeping historical information about the received events. Use Case: Often as a user I want to collect data from different sources, e.g. Windows events, and then according to some simple rules set the status of some…

21. 02. 2020 TobiasGoller Log Management, NetEye

Tornado Use Case with Elastic

Before I tell you about one of my latest customer requirements, I would like to briefly explain what our NetEye Tornado module is. In our user guide you will see it written that Tornado is the successor to NetEye’s Event Handler. It is a plugin-based, stateless, scalable rule matching engine written in Rust, based on…

27. 09. 2019 Benjamin Gröber NetEye

Tornado – The Processing Tree

Tornado is the spiritual successor of the NetEye EventHandler. As such, we took inspiration from its limitations, picking the most interesting ones, and trying to optimize for these scenarios. One example of this is the Processing Tree. In the past, all rules had to be placed in one of four predetermined groups, and events ran…

17. 09. 2019 Angelo Rosace Log-SIEM, NetEye

How To: Using the Elastic Watcher Feature to React to Failed Login Attempts (Part 2)

Our continued development of the Tornado event processing module has led to a new set of functionalities and capabilities. Among these is the possibility of altering host and service statuses as the result of a certain event. Let’s look at a typical use case for this feature. Suppose you want to trigger a webhook that…

30. 07. 2019 Angelo Rosace Log-SIEM, NetEye, Unified Monitoring

How To: Using the Elastic Watcher Feature to React to Failed Logon Attempts (Part 1)

The introduction of the new Elastic Features (formerly, X-Pack packages) for the Elastic Stack added many new functionalities to the previous implementation in NetEye. One of them is the Watcher feature. Let’s discuss a use case based on this feature. Imagine you as a user want to somehow trigger a webhook alert every time something…

