Elasticsearch limits the number of open shards per node with the max_shards_per_node cluster setting, which defaults to 1000. The limit on the total number of shards is then calculated from this setting with this formula: total_max_number_of_shards = cluster.max_shards_per_node * number of non-frozen data nodes If the total number of shards is reached either by a…
Read MoreA lot of people run regular tasks on their Windows Servers using the Windows Task Scheduler. Now it’s time to find out if these tasks run on time, within a limit, and complete successfully. This monitoring task is done over nscp.exe, so you should have NSClient++ installed along with your Icinga2 Agent. Take a look…
Read MoreWhenever I upgrade a NetEye Cluster with all its Satellites, it’s important that no host is forgotten, and that all packages are installed (which can happen because an upgrade error occurred, for example if one forgot to call neteye_finalize_installation). So I thought it would be handy to have a script/plugin that shows the current version…
Read MoreSay you want to monitor logs coming into your Elasticsearch instance, and have it send data to your Monitoring Dashboard. I’ll show you how to do this with a practical example, in particular for an event coming from the Active Directory where a user is locked out, and the associated Domain Controller sends the event…
Read MoreDo you have a SIEM installation based on Elasticsearch (like the NetEye 4 SIEM Module) and are you sending data to it from your hosts? Then you’ll surely want to know whether your host is actually sending data, or if nothing is coming out at all. For this I made available a simple icinga/nagios plugin…
Read MoreSay you’re using the SIEM Module in NetEye and are deploying the Elasticsearch Agent to your clients. You’d surely like to know if those agents are still sending data and are still connected to the Elastic Fleet server. I had this problem recently and came up with a new monitoring plugin that uses the Kibana-API…
Read MoreDo you ever need to reboot or do maintenance on your Windows Server? Then if the server is monitored by NetEye, you’ll surely want to mark it in downtime so as not to have notifications sent out for problems arising due to maintenance, and/or to be able to have the correct SLA marked for your…
Read MoreIf you have a NetEye with SIEM Module activated or own an Elasticsearch installation then you have surely activated the Elasticsearch Snapshots to make backups of all your indexes (or at least the important ones). However you have to take a regular look at your Snapshots Reports to check that everything is working correctly. I…
Read MoreWhen upgrading NetEye 4 from version 4.22 to version 4.23, the main focus is the upgrade/change of the operating system from CentOS 7 to the new RHEL 8 operating system. Normally you can proceed as explained in the Upgrade section of the user guide since NetEye 4 uses the “normal” BIOS boot sector with grub….
Read MoreSending an SMS requires time, between 5-7 seconds. This means that if you have to write a lot of SMS’s, you have to attach more than one SMS gateway to your server to be able to send them within a certain time frame. This is possible using the USB connection of the SMS gateway. As…
Read MoreLast time I wrote about how you can have incoming SMS messages sent to the Tornado Engine so that you can make Tornado Rules to process them. This time I’d like to show you a real use case where we check whether the SMS Gateway is really working or not by sending an SMS to…
Read MoreMost physical NetEye servers have an SMS Gateway attached in order to send CRITICAL notifications via an SMS message, since this will work even when the main network is down. However, sometimes you just want to send messages to your NetEye server’s SMS Gateway in order to effect certain actions, for example just to check…
Read MoreRecently a customer told me he would like to monitor and graph the values that his Fortigate Firewall was generating for his configured SLA Trackers. What are these SLA Trackers? I informed myself and found the following in a Fortigate Cookbook. Fortigate Performance SLA ─ Link Monitoring Performance SLA link monitoring measures the health of…
Read MoreHPE Nimble Storage is a data storage solution, created by Nimble Storage, which was bought by HPE in 2017. Recently I had to monitor such a storage service and for this I used the following plugin: check_nimble_health_api.py Nimble offers a REST Web API to query its status and that’s what this plugin uses. Unfortunately it’s…
Read MoreWe’ve already written a blog post about how to integrate Alyvix 3 and Alyvix Server into NetEye 4. Some time has passed and a few things have changed, so here are some new HOWTO’s that can make your life easier. HARD State/Soft State with the right notification sent out The first thing is that the…
Read More