ScenarioIn a Microsoft Remote Desktop environment, it’s a common need to force the logoff of a hanged user session. The NetEye Command Orchestrator (CMDO) can help us perform this task by executing remote commands through the Icinga2 agent API. There’s a security limitation built into the Command Orchestrator which allows only numeric parameters for executed…
Read MoreThe Monitoring Plugins have been updated to version 2.3.1 and released in beta.Please have a look at the official documentation for the full list of improvements. Before running the update it is necessary to execute the following command to see if there are any previously modified files: rpm -qV monitoring-plugins Output example:S.5….T. d /usr/lib64/neteye/monitoring/plugins/check_time If…
Read MoreWe fixed a bug in Neteye 4.21 that didn’t allow the cmdorchestrator module to edit a command group without changing the name. For NetEye 4.21 we updated the following packages: icingaweb2-module-cmdorchestrator and icingaweb2-module-cmdorchestrator-autosetup to version 0.11.1-1
Read MoreWe fixed a bug in Neteye 4.21 that made the JWT authentication fail on the first try in case an existing backend, different from the standard one provided by Neteye and placed before it in the authentication ini file, failed. For NetEye 4.21 we updated the following packages: icingaweb2-module-neteye and icingaweb2-module-neteye-autosetup to version 1.103.3-1
Read MoreWelcome to version 4.22 of our NetEye v4 Unified Monitoring Solution. NetEye welcomes the new year and its new release with what is probably the most famous church tower in South Tyrol: the half-submerged steeple of the Resia Lake. The Lake Reschen, “Reschensee” in German and “Lago di Resia” in Italian, is located at the…
Read MoreWe fixed a bug in Neteye 4.21 that made the neteye secure install restart the httpd service also on passive nodes of a cluster. For NetEye 4.21 we updated the following packages: lampod to version 1.1.1-1
Read MoreWe fixed a bug, where renames of files through an Icinga 2 service would write extra lines to the Plugin Output. For NetEye 4.21 we updated the following packages: libhookrename to version 1.0.1-1
Read More
Calendar 2022 NetEye Fundamental WPN4-FUNGet an introduction to the fundamentals of our monitoring platform. Learn to handle its main features, distinguish between basic and core concepts, and to choose the proper monitoring configuration design. NetEye Advanced WPN4-ADVLearn advanced NetEye concepts and how to deal with the tool. Master different NetEye functionalities to face particular situations…
Read MoreWe decided to carry out an evaluation of Elastic’s EDR using the APT Simulator (https://github.com/NextronSystems/APTSimulator) tool. This tool is widely used within the cyber security community and is highly reputed, as it was developed by Florian Roth, who also created the Sigma Rule project. APT Simulator is a Windows Batch script that uses a set…
Read MoreWithin our Attacker Centric Security Operation Center, we look for the best detection rules every day to help you detect attack scenarios. One of the most important projects that we use as a source in this area is without doubt that of Sigma Rule (https://github.com/SigmaHQ/sigma). The project, founded by Florian Roth (https://www.linkedin.com/in/floroth/), has almost 300…
Read MoreThe current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoy all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases however, can be updated manually. In the case the health-check light/01004_elastic_license_check.sh is preventing you…
Read MoreWe fixed three bugs in NetEye 4.21: a bug that prevented the user to import Saved Object using Kibana GUI a bug that prevented the user to enrich the logs going through El Proxy with Elasticsearch Ingest Pipelines a bug in documentation which makes unclear in certain situation whether to execute command on the standby…
Read More