Blog Entries

31. 12. 2023 Damiano Chini Development, DevOps, NetEye

Speeding up the NetEye CI Testing Phase

Over the course of the last few years, we’ve introduced more and more features in NetEye 4. This fact has had a side effect that’s not directly visible to customers, namely that we keep adding more and more tests to the testing phase of the NetEye 4 Continuous Integration pipelines. While this ensures that regression…

29. 12. 2023 Damiano Chini Development, NetEye

Reusing Code Logic between NetEye and Alyvix

In the last few weeks the NetEye development team and the Alyvix development team have been collaborating to achieve support for Time Periods in Alyvix. In this blog post, we’d like to share some interesting challenges that this feature has brought to the developers. Disclaimer: as of the 28th of December, 2023 the Alyvix Time…

24. 12. 2023 Damiano Chini Development, DevOps, NetEye

How We Want to Avoid Breaking the NetEye User Guide (Again)

A few months ago while navigating through our NetEye User Guide we noticed that it had a small bug that caused some words in the right-side menu to be slightly truncated in the particular case where that menu contained some monospace characters. Well, since this was quite annoying, we fixed it on the fly with…

24. 12. 2023 Damiano Chini Development, DevOps, Log-SIEM, NetEye

Making ELK Updates Smoother with Configurators and Ansible

Recently (in September 2023) NetEye integrated version 8.8 of the Elastic Stack, which is just one of many Elastic updates brought into NetEye 4. Since this Elastic update was a major upgrade (from version 7.17) coming with many breaking changes, we, as the NetEye R&D team, wanted to make this important upgrade as…

09. 10. 2023 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.32

We fixed a bug in El Proxy where, in case of a NetEye node failure (e.g. loss of power), the El Proxy service may lose the content of the file containing the blockchain key. In this case El Proxy would fail to sign new logs upon restart. Updated packages: For NetEye 4.32 we updated…

05. 09. 2023 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.31

We fixed a bug in El Proxy that caused the verification result sent to the Monitoring to be filled with logs and difficult to read. Now a simplified report with only important information is sent by El Proxy to the Monitoring. Updated packages: For NetEye 4.31 we updated the following packages: To correctly apply the…

17. 07. 2023 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.30

We updated the Elastic Stack to the latest bugfix version 7.17.11. In particular this version fixes a problem in Kibana, which was not properly handling some particular DSL queries. For more information on the fixes provided with this version, please refer to the official Elastic Stack website. In case you have any Elasticsearch plugin installed…

22. 06. 2023 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.30

We fixed several deprecations in the NetEye SIEM module; these fixes allow NetEye installations to comply with the directives of the Elastic Stack and to be prepared for future upgrades of the Elastic Stack. Updated packages: For NetEye 4.30 we updated the following packages:

03. 04. 2023 Damiano Chini Log Management, Log-SIEM, NetEye

Introducing Observability in El Proxy

If you’re familiar with the NetEye SIEM module you probably also know El Proxy, the solution integrated into NetEye to ensure the integrity and inalterability of the logs produced by the SIEM module. Since its introduction in NetEye, the only way to understand what El Proxy was doing was to inspect its logs, but as…

26. 01. 2023 Damiano Chini Bug Fixes, Log-SIEM, NetEye

Bugfixes for NetEye 4.27, 4.26, 4.25: Elasticsearch License Renewal

The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoying all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases, however, can be updated manually. In case the health check light/01004_elastic_license_check.sh is preventing you…

27. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Adding Settings to Beats Agents’ Templates Based on the Index Name

With the introduction of the Composable Index Templates in Elastic, we at NetEye had to redesign the way index settings and mappings are applied to the indices generated by El Proxy. In this post I’ll explain: The solution explained in the remainder of the post was designed for El Proxy, but it may also apply…

21. 12. 2022 Damiano Chini Log Management, Log-SIEM, NetEye

How We Verify the Integrity of El Proxy Blockchains Altered by a Retention

El Proxy helps with compliance with GDPR regulations, which, among other things, impose guarantees on the integrity of data and ensure that the data is kept for no longer than a predefined period of time. El Proxy ensures the integrity of the data by saving the data in El Proxy blockchains. The guarantee that data…

13. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

How We Sped up El Proxy Verification

Before deploying El Proxy in production we, the R&D Team, carried out numerous benchmarks and reproduced real-life scenarios to ensure that the real-time log signing performed by El Proxy would not represent a bottleneck in environments where logs that must respect the Italian “Garante Privacy” regulations are generated with data rates of around 2,000…

02. 10. 2022 Damiano Chini APM, Development, NetEye

Implementation of Distributed Tracing in Tornado with OpenTelemetry

In a previous post we showed how Distributed Tracing and Elastic APM can help Tornado administrators track down events from their generation on Tornado Collectors to the Actions they trigger in Tornado. This blog post will be more technical and will give you insight into how we managed to implement Distributed Tracing in Tornado…

07. 09. 2022 Damiano Chini Bug Fixes, NetEye

NetEye 4 Core, Asset and SLM – Security Advisory – Multiple Vulnerabilities

Synopsis: Important: Multiple Security updates for NetEye 4
Type/Severity: Security Advisory: Important
Topic: Wuerth Phoenix has released some Critical Patches (CPs) for NetEye 4. These CPs resolve multiple vulnerabilities related to Privilege Escalation and authenticated remote command execution (RCE) exploits.
Description: GLPI was affected by an SSRF vulnerability in the External Calendars feature of the GLPI…
