Welcome to version 4.8 of our NetEye v4 Unified Monitoring Solution. Following version 4.7, the new and updated features in this version focus mainly on a new Event Adjustments feature for Service Level Management, a system-level Health Check, a development SDK for NetEye modules, improvements to Tornado and SLM, a major update to Elastic Stack 7.3, and updated Appliance specifications.
Product: NetEye
Release Number: 4.8
Release Date: September 30, 2019
Release Type: Minor
Previous Release: 4.7
Upgrade Requirements: A NetEye 4.7 installation
These release notes for NetEye 4.8 describe new features and improvements compared to version 4.7. The complete change log, which includes all fixed issues, can be generated on demand by following the instructions in the updated NetEye documentation (see the section “Starting your Upgrade” below).
SLM Event Adjustment
The Event Adjustment feature for Service Level Management allows administrators with the appropriate privileges to retroactively add events to the monitoring event history. This can be useful, for example, when scheduled downtime was accidentally not entered in advance. Event adjustments affect the availability calculations for hosts and services, and potentially affect whether the service provider is or is not satisfying the target SLA specified in the customer contract. They provide a transparent mechanism for making corrections that is visible to all stakeholders. For further details, see User Guide > Service Level Management > SLM Event Adjustment.
NetEye Health Check
NetEye now has the ability to verify its own health via a dedicated health command. There are both deep and light checks: the deep check verifies the deep consistency of a NetEye deployment at the cost of more resources, while the light check offers a quick verification of the general state of a NetEye deployment. Furthermore, from this release on, NetEye will use the light check to monitor itself right out of the box. For more information, see User Guide > System Configuration > The NetEye Health Check.
Along with this new feature, the Elasticsearch cluster status will no longer be incorrectly reported as yellow on single instances, as the shards replica number will be correctly set to 0 on all existing Logstash indices and the Logstash Elasticsearch template.
Development SDK
With this release we will begin shipping an SDK for developing NetEye 4 modules, which will help our partners and customers create their own custom extensions. Modules created using this SDK will have access to GUI elements in the standard NetEye 4 style and will appear in the menu, but will not immediately have access to all system functions and data until a later release. In the future we plan on holding training sessions detailing how to develop custom extensions for NetEye 4. If you are interested in being an early adopter, please contact your sales representative.
Tornado
We have extended Tornado’s rule syntax such that a rule can retrieve and use values computed by previous rules in the same rule set. With this change you will be able to build more expressive rule sets, as well as improve their performance and readability. You can find additional information regarding this feature at this blog post.
We have given the Tornado CLI configuration and debugging experience a major makeover, including standardizing the verbosity level and output format across all Tornado collectors. The default info log level is now tuned for performance on high throughput systems, whereas the debug level can be used to follow single events passing through the system. Also, to improve the troubleshooting experience, the formatting of events in the logs has been modified so that you can directly copy & paste them back into the Tornado CLI.
Finally, we improved the Tornado graphical user interface so that you can now explore the full Processing Tree by progressively expanding layers of lower-level filter nodes, eventually arriving at one or more Rules views, each of which shows the content of a single rule set.
Service Level Management Enhancements
This release includes multiple improvements to the SLM module. A beautiful new report layout and style is paired with significant performance gains. Input validation has been improved to eliminate data entry errors.
You are now able to preview exactly which objects will be included in a filter without having to generate a report. The module is also now fully integrated with NetEye’s Audit Log.
Standalone Updates to the User Guide
In addition to documentation for the issues listed above, the user guide has been updated to include the following new content:
We have updated the hardware specifications for NetEye appliances that will be in effect starting with this release, and added a new Sbs+ appliance. These changes can be found at User Guide > Hardware Specifications > NetEye Appliance Specifications.
The following software has been updated:
Elastic Stack Upgrade to 7.3.1
As part of this release, the Elastic Stack will be updated from version 6.8.2 to version 7.3.1, providing all the new features introduced in that version. Descriptions of the breaking changes and features can be found in the official Elastic 7.3 documentation. We recommend you check all changelogs beginning from version 7.0.0 in order to ensure changes made by Elastic will not negatively affect you.
In the Log Management module we will ship the open source version of ELK 7.3 based on the Apache 2 License (https://github.com/elastic/elasticsearch/blob/master/LICENSE.txt). With the SIEM feature Module we will ship the Elastic Stack Features thanks to our OEM agreement with Elastic so that all our customers can enjoy its additional features, especially the new SIEM App.
To guarantee compatibility, Search Guard will be upgraded to version 36.1, and Kibana Plugin to version 36.0. Breaking changes and new features can be found in the official documentation.
We merged all Logstash output filters into a single output filter which provides the same functionalities as before while dropping deprecated filters. We also adjusted the Elasticsearch .yml file to support the new Search Guard roles for the default admin user, changing from searchguard.restapi.roles_enabled: ["sg_all_access"] to searchguard.restapi.roles_enabled: ["SGS_ALL_ACCESS"].
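A post-upgrade check for the role rename described above, as an added example that is not part of NetEye or of these release notes: it reads the text of the Elasticsearch .yml file and reports whether searchguard.restapi.roles_enabled still lists the old role. The function names and the sample file contents are constructed for illustration, and the check assumes the flat dotted key form shown above.

```python
import re

KEY = "searchguard.restapi.roles_enabled"
LEGACY, CURRENT = "sg_all_access", "SGS_ALL_ACCESS"  # both names come from the text above

def roles_enabled(yml_text):
    """Return the roles listed under KEY, or None if the key is not set."""
    # Drop comments so a commented-out entry is not mistaken for a live one.
    lines = [ln.split("#", 1)[0].rstrip() for ln in yml_text.splitlines()]
    for i, line in enumerate(lines):
        m = re.match(r"\s*" + re.escape(KEY) + r"\s*:\s*(.*)$", line)
        if not m:
            continue
        value = m.group(1)
        if value.startswith("["):            # inline list: key: ["a", "b"]
            items = value.strip("[]").split(",")
        elif value:                          # single scalar: key: a
            items = [value]
        else:                                # block list on the following lines
            items = []
            for nxt in lines[i + 1:]:
                if not nxt.strip():
                    continue
                entry = re.match(r"\s*-\s+(.*)$", nxt)
                if not entry:
                    break
                items.append(entry.group(1))
        return [s.strip().strip("\"'") for s in items if s.strip()]
    return None

def check(yml_text):
    """Classify the setting as 'ok', 'legacy', 'other' or 'missing'."""
    roles = roles_enabled(yml_text)
    if roles is None:
        return "missing"
    if CURRENT in roles:
        return "ok"
    return "legacy" if LEGACY in roles else "other"

# Constructed sample file contents (not taken from a real NetEye system).
BEFORE = 'cluster.name: example\nsearchguard.restapi.roles_enabled: ["sg_all_access"]\n'
AFTER = 'cluster.name: example\nsearchguard.restapi.roles_enabled: ["SGS_ALL_ACCESS"]\n'
BLOCK = "searchguard.restapi.roles_enabled:\n  - sg_all_access\n  # - SGS_ALL_ACCESS\n"

if __name__ == "__main__":
    for name, text in (("before", BEFORE), ("after", AFTER), ("block", BLOCK)):
        print(name, roles_enabled(text), check(text))
```

A result of "legacy" after the upgrade means the file still carries the pre-upgrade value for the default admin user.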
To begin the upgrade, please follow the instructions in your current NetEye version at User Guide > Upgrading and Updating. For the Log Manager module, it is especially important to start the upgrade from a fully updated NetEye 4.7.