Blog Entries

26. 01. 2023 Damiano Chini Bug Fixes, Log-SIEM, NetEye

Bugfixes for NetEye 4.27, 4.26, 4.25: Elasticsearch License Renewal

The current Elasticsearch license bundled with NetEye will expire this January 31st. To continue enjoying all the SIEM functionalities you must update to the new license. An automatic update has been released for the most recent NetEye version. Older NetEye releases, however, can be updated manually. In case the health-check light/01004_elastic_license_check.sh is preventing you…

27. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Adding Settings to Beats Agents’ Templates Based on the Index Name

With the introduction of the Composable Index Templates in Elastic, we at NetEye had to redesign the way index settings and mappings are applied to the indices generated by El Proxy. In this post I’ll explain: The solution explained in the remainder of the post was designed for El Proxy, but it may apply also…

21. 12. 2022 Damiano Chini Log Management, Log-SIEM, NetEye

How We Verify the Integrity of El Proxy Blockchains Altered by a Retention

El Proxy helps in complying with the GDPR, which, among other things, imposes guarantees on the integrity of data and ensures that the data is kept for no longer than a predefined period of time. El Proxy ensures the integrity of the data by saving the data in El Proxy blockchains. The guarantee that data…

13. 12. 2022 Damiano Chini Development, Log Management, Log-SIEM, NetEye

How We Sped up El Proxy Verification

Before deploying El Proxy in production we, the R&D Team, carried out numerous benchmarks and reproduced real-life scenarios to ensure that the real-time log signing performed by El Proxy would not represent a bottleneck in environments where logs that must respect the Italian “Garante Privacy” regulations are generated with data rates of around 2,000…

02. 10. 2022 Damiano Chini APM, Development, NetEye

Implementation of Distributed Tracing in Tornado with OpenTelemetry

In a previous post we showed how Distributed Tracing and Elastic APM can help Tornado administrators track down events from their generation on Tornado Collectors to the Actions they trigger in Tornado. This blog post will be more technical and will give you an insight into how we managed to implement Distributed Tracing in Tornado…

07. 09. 2022 Damiano Chini Bug Fixes, NetEye

NetEye 4 Core, Asset and SLM – Security Advisory – Multiple Vulnerabilities

Synopsis: Important: Multiple Security updates for NetEye 4
Type/Severity: Security Advisory: Important
Topic: Wuerth Phoenix has released some Critical Patches (CPs) for NetEye 4. These CPs resolve multiple vulnerabilities related to Privilege Escalation and authenticated remote command execution (RCE) exploits.
Description: GLPI was affected by an SSRF vulnerability in the External Calendars feature of the GLPI…

09. 08. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.25

We fixed a race condition in El Proxy that sometimes caused Logstash to fail to recognize whether an incoming log should be signed by El Proxy or not. We fixed a bug in El Proxy, which caused the verify command to report corruptions in the blockchain if newly signed documents were still waiting to be…

09. 06. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug that caused the El Proxy blockchain verification command to take a long time to complete. To speed up the verification, El Proxy now verifies batches of the blockchain in parallel and further optimizations were introduced inside the verify command itself. The verification is now 100% faster by default and fine-tuning the…

09. 06. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug that caused the El Proxy blockchain verification command to take a long time to complete. To speed up the verification, El Proxy now verifies batches of the blockchain in parallel and further optimizations were introduced inside the verify command itself. The verification is now 100% faster by default and fine-tuning the…

09. 06. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.24

We fixed a bug that caused the El Proxy blockchain verification command to take a long time to complete. To speed up the verification, El Proxy now verifies batches of the blockchain in parallel and further optimizations were introduced inside the verify command itself. The verification is now 100% faster by default and fine-tuning the…

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug occurred when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.22 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug which could cause Icinga 2 to not behave correctly when the Smart Director was enabled. This bug occurred when Icinga 2 started before the DRBD of Icinga Web 2 was started. For NetEye 4.23 we updated the following packages: icinga2, icinga2-autosetup, icinga2-bin, icinga2-ido-mysql, icinga2-neteye-config, icinga2-resources, icinga2-common, icinga2-selinux to version 2.11.9_neteye1.48.3-1

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values were leading to an overly long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…

11. 05. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

In Tornado we lowered the default values for the retries of the Smart Monitoring action. The previous default values were leading to an overly long waiting time during the block of Smart Monitoring actions performed before the Icinga 2 restarts and Icinga Director deployments. The icinga-director.service systemd watchdog timeout was raised from 10 seconds to…

28. 04. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug in Tornado that caused Smart Monitoring Actions to fail to correctly set statuses on Icinga 2 objects during a restart of Icinga 2 and during Icinga Director deployments, due to a race condition in Icinga 2. We also fixed a bug in the Tornado Smart Monitoring Actions that could cause to…

