Keeping an offline copy of your logs does not only provide better visibility from the system management point of view, but also turns out to be extremely precious in case of a security incident during which your local copies have been affected. As many of you might know, the Log Management module of NetEye offers…
Read MoreDuring my last projects I noticed that the implementation of a „Security Operations Center“ (in short SOC) is becoming increasingly important, especially for our enterprise customers. Mainly for big companies that are of public interest like banks, energy providers, assurances etc. the topic of cyber threats is getting more actual and requires special attention. This…
Read MoreSome time ago I published an article about how to store the NetEye SMS Protocol log into an ELK environment. Now, after using it some times, I discovered that it was not completely correct as the time/date functions for the Logstash filters are a bit more complicated. In particular, it was that the date was…
Read MoreSometimes it is not so visible how many SMS are sent by a NetEye Server and to whom. So it could be a good idea to give the sms-send-protocol file to the Log Management and to include it into the Elasticsearch Index. Then you may create a Dashboard in Kibana to show the usage of your…
Read MoreAs you already know, from version 3.6 we’ve integrated the Elastic Stack (consisting of Elasticsearch, Logstash and Kibana) to the NetEye Log Management. This integration provides a lot of additional possibilities for log analysis, log correlation, dashboard creations, etc. Furthermore, it allows to store the collected logs for different periods, which wasn’t possible on prior…
Read MoreThanks to the integration of the Elastic Stack to our NetEye Log Management, we established a professional relationship to Elasticsearch BV. Today we are very proud to announce that the history behind our NetEye Log Management was published on the official Elastic blog. Our business unit manager Georg Kostner, describes the market requirements, which led us to the development…
Read MoreThe new Würth Phoenix training calendar 2016 is now available. The training contents have been enriched to deepen your technical and professional skills.
Read MoreEffective log auditing, meaningful reports and better integration of the single modules The new version NetEye 3.6 provides some substantial improvements, to respond to specific customer needs, as well as to satisfy the continuously growing requirements in the complex world of IT monitoring. Major investments were made in the fields of reporting and SLA measurement….
Read MoreSometimes it is required to trace login/logoff activities of the administrator in order to be compliant with legal guidelines or simply for security reasons (see also our article “What to do with all those logs“). The Safed agent for Windows can be easily configured to collect administrator’s login/logoff. The agent is deployed with some administrator discovery commands,…
Read MoreThe Italian Data Protection Authority requires the management and storage of millions of logs, but also outside Italy, a good log management strategy can provide several advantages. Some years ago, the Italian Data Protection Authority defined that the companies must register and store all data related to the system accesses performed by the administrators. This…
Read MoreTo avoid a similar problem the next time change from winter to summer time ( i.e. CET to CEST ) a fix release has been published, backported for NetEye release 3.4. Update for NetEye 3.4 will be neteye-syslogview 2.1.9 Users of NetEye 3.5 will apply this fix together with other UI improvements and a better…
Read MoreTo keep the number of open TCP connections of the Log Auditing server under control, the SyslogView version 2.1.8 contains a control in the daily archiviation script, to check the number of currently open connections. This issue could be found in particular situations, where SAFED or other Audit agents might send across a routing device …
Read MoreIn a standard MySQL setup, the logging of user logins/logouts is done by enabling the “general_log” logfile, which forces the MySQL process to log EVERYTHING. This can clearly produce bad performances under heavy load. To avoid such performance restrictions we added a new MySQL Audit Plugin to the Syslog View of NetEye.
Read MoreYou probably already heard about Elasticsearch and its potential. Elasticsearch is a full-text search engine based on Lucene. It provides a RESTful web interface and schema-free JSON documents. To be able to better display logs collected by NetEye, we integrated three open source projects: Logstash, Elasticsearch and Kibana. Logstash parses logs and submits them to Elasticsearch, which saves them…
Read More