Bug Fixes for NetEye 4.36
We fixed a bug in the NetEye IDOReports module related to its installation process and in particular with an update of its database. We updated the following packages:
Read More
Blog Entries
Bug Fixes for NetEye 4.35
We fixed a bug in the NetEye IDOReports module related to its installation process and in particular with an update of its database. We updated the following packages:
Read MoreAutomating the Full NetEye Release Procedure
One of the first issues we added more than 2 years ago to our DevOps backlog was automating the infrastructure preparation and release of NetEye, but we postponed it for a long time because it was too big to do. A bit of background Every 2 months we release a new NetEye version: this basically…
Read MoreThe Right Monitoring Tool: Elastic Synthetic Browser Monitor vs. Alyvix
In today’s digital landscape, ensuring optimal performance and availability of applications is critical. Monitoring tools like Elastic Synthetics Journey Monitor and Alyvix offer unique capabilities tailored to diverse needs. Understanding where each tool excels can help you choose the best solution for your requirements. Elastic Synthetic Browser Monitor: Strengths and Use Cases Elastic Synthetic Browser…
Read MoreBug Fixes for NetEye 4.36
We fixed a bug in the NetEye Alyvix module where an error was thrown when the super-admin would create a Test Case in a Tenant associated with a Time Period present in a different Tenant. We updated the following packages:
Read MoreAn XPerience: Discussing the Role of AI in the Agile World
Between the 4th and 7th of June this year, Bolzano had the opportunity to host XP 2024, the 25th edition of the premier international conference on Agile software development. The scenario was NOI Techpark and, as Würth Phoenix, we were there and had the chance to participate in the conference with two talks about SecDevOps…
Read MoreBug Fixes for NetEye 4.36
We fixed a bug that causes the kill of unrelated processes during the cluster resource relocation. Important: the NetEye update procedure in this case, in order to fix the existing configuration, will restart most of the PCS cluster resources and will cause a temporary service downtime. We updated the following packages:
Read MoreBug Fixes for NetEye 4.35
El Proxy We fixed a bug in El Proxy related to the retry strategy for sending signed logs to Elasticsearch. Previously, after a document has been rejected from the Elasticsearch ingest pipeline, all non-signed logs were deleted during the retry phase including the mandatory “timestamp” field. Our solution now ensures that all mandatory fields remain…
Read MoreBug Fixes for NetEye 4.36
SIEM – Log Management JVM Configurations We fixed some bugs related to the Elastic JVM configurations, that was duplicating log files in the default directory. The JVM configurations are now up to date and the organization of configuration files has been improved. El Proxy We fixed a bug in El Proxy related to the retry…
Read MoreAkira Ransomware: How to Make an Efficient Detection Rule
In this article, we’re going to explore an example of the process used to perform the initial steps of creating ad hoc detection rules based on specific events that mark the world of cyber security. Specifically, starting from a real case, we’ll see the study and analysis carried out to create a rule to monitor…
Read MoreNetEye 4.36 Release Notes
Welcome to version 4.36 of our NetEye v4 Unified Monitoring Solution. Merano/Meran is welcoming you with its promenades and palms, gardens and parklands, castles and palaces, noble villas, and unique urbanscape. Always fascinating, Merano is a historical spa town where hospitality and tourism reside in its soul. Merano is about taking a morning walk through…
Read MoreCheck the Version of Your NetEye Cluster with Satellites
Whenever I upgrade a NetEye Cluster with all its Satellites, it’s important that no host is forgotten, and that all packages are installed (which can happen because an upgrade error occurred, for example if one forgot to call neteye_finalize_installation). So I thought it would be handy to have a script/plugin that shows the current version…
Read MoreHow To Detect a Chromium Browser Stealer With Elastic
In this blog, I’ll propose and describe a solution for detecting potential infostealers targeting Chromium-based browsers, taking a cue from the research exposed by Google’s Chrome Security Team (Detecting browser data theft using Windows Event Logs). Obviously a solution using Elastic 🙂 ! What is an Infostealer (in a nutshell) ? In the realm of…
Read MoreOpenShift: How to Check and Reset Ceph Storage in Warning State
Every so often it may happen (in particular after a cluster update or hardware issues) that you see your storage in a warning state on OpenShift. The first thing to do is to check what’s wrong with your cluster: sometimes you may have a real issue, in other cases it may just be a temporary…
Read MoreSOC News | May 24 – Patch This Veeam Critical Vulnerability Now
On May 21, Veeam published details about four different vulnerabilities detected in their product Veeam Backup Enterprise Manager (VBEM). One of them is critical and allows an unauthenticated attacker to log in to the Veeam Backup Enterprise Manager web interface as any user. CVE Number CVSS Score EPSS Score CVE-2024-29849 9.8 (Critical) 0.04% (Low) CVE-2024-29850…
Read More