Blog Entries

09. 10. 2014 Thomas Forrer Log Management, NetEye

NetEye: New MySQL Audit Plugin for SyslogView

In a standard MySQL setup, user logins and logouts are logged by enabling the “general_log” log file, which forces the MySQL process to log EVERYTHING. This can clearly degrade performance under heavy load. To avoid this performance penalty, we added a new MySQL Audit Plugin to the Syslog View of NetEye.

02. 10. 2014 Thomas Forrer Log Management, Log-SIEM, NetEye

NetEye: Integration Logstash/Elasticsearch/Kibana

You have probably already heard about Elasticsearch and its potential. Elasticsearch is a full-text search engine based on Lucene. It provides a RESTful web interface and schema-free JSON documents. To better display the logs collected by NetEye, we integrated three open source projects: Logstash, Elasticsearch and Kibana. Logstash parses logs and submits them to Elasticsearch, which saves them…

25. 09. 2014 Patrick Zambelli Downloads / Release Notes, Log Management

Update of SyslogView 2.1.7 available

An update of SyslogView has been released for the current NetEye 3.4 release. This version comes with these new features: Version 2.1.7: Added a new option -T to check_neteye_logManager.sh. This option checks that TCP socket 514 is available on the local Rsyslog server. For now it is better to make use of -T and…

06. 12. 2013 MarinovMihail Log Management, NetEye

Windows process tracking with Safed

As is well known, the Safed agent for Windows can collect events from the event log, filter them and forward the matching records to a centralized syslog server. There are some preconfigured sets of events concerning basic activities that have to be tracked. The first one, and probably the most famous due to existing law conformity…

29. 11. 2013 MarinovMihail Downloads / Release Notes, Log Management

Safed 1.6.7

The new version of Safed, 1.6.7, comes with a new system administrator discovery executable based on .NET. This version is compatible with old version configurations (< 1.6.5). Note that version 1.6.6, released a few days ago, had the same feature, but when upgrading an old installation, the system administrator discovery configuration of…

25. 06. 2013 Patrick Zambelli Log Management

SyslogView: Windows Eventlog integration into the MessageConsole

The SyslogView module is the log and events collector for activities on remote hosts. Log messages or Eventlog entries of a Microsoft server are collected with this tool and stored for later auditing or search. A recent customer request was to make these incoming events more transparent for monitoring. What if the remote SAFED agent…

15. 03. 2013 Patrick Zambelli Downloads / Release Notes, Log Management

SyslogView Fix release 2.0.8 – Search 1.2.6

– Added an additional Syslog Agent definition for every supported operating system. Each additional definition is customizable and provides compatibility with older versions of SAFED before 1.6 and possible custom port and communication settings.
– FIX: The Syslog Search Statistic (configuration -> search) is not showing the indexing statistic.
– FIX: Syslog Search Statistic:…

22. 01. 2013 Patrick Zambelli Downloads / Release Notes, Log Management

SyslogView Fix release 2.0.7

This release contains a minor fix for the case in which the Rsyslog Server creates a log file without any content. This very uncommon situation led the syslog-parser process to raise a warning, notified via email, that a division by zero occurred since there were no rows of logs to parse. Details of the…

15. 11. 2012 Patrick Zambelli Downloads / Release Notes, Log Management

SyslogView Fix release 2.0.6

A new SyslogView FIX version has been released to correct the centralized SAFED configuration parameter “number of cache files”.

12. 09. 2012 Patrick Zambelli Downloads / Release Notes, Log Management

SyslogView Fix release 2.0.5

Fix release announcement for NetEye SyslogView and the SyslogView Search engine.
SyslogView specific fixes:
– Add a new SAFED Nagios monitoring template. This can be used for an alternative SAFED configuration together with the main monitoring definition
– Fix some JS DOM ID registrations
– Add statistics regex to match “Eventlog corruption”
SyslogView Search specific:…

08. 08. 2012 Patrick Zambelli Downloads / Release Notes, Log Management, NetEye

SyslogView Fix release 2.0.4

Fix release announcement for NetEye SyslogView and the SyslogView Search engine.
SyslogView specific fixes:
– FIX: Syslog Statistics: Regex filter selection box not shown in interface
– FIX: Syslog Statistics: The statistic regex filters were not applied correctly on the row count of matching lines at the creation of statistics other than “general”
– FIX: SyslogStore…

15. 12. 2011 Patrick Zambelli Log Management

SyslogView 1.7.7

This Fix version of Syslog Server View is another release to support communication compatibility with the new Safed agent 1.6 family. Due to some specification changes, it is required to activate this version of SyslogView to be able to use the centralized configuration utility sending the configuration towards the agent and applying it there…

09. 05. 2011 Thomas Forrer Downloads / Release Notes, Log Management

NetEye SyslogView Search 1.0.3

Changelog 1.0.3 – Fixed issue with date generation – now parser stops execution (with error) if no date is correctly generated.

04. 04. 2011 Marco Sperini Downloads / Release Notes, Log Management, NetEye

Agent Safed patch 1.4.3 for Unix / Linux

Version 1.4.3 of the Safed agent has been released. The fix solves a race condition problem that, under certain circumstances, can lead to the creation of multiple http server processes. It is recommended to update to this version of Safed.

01. 04. 2011 Patrick Zambelli Downloads / Release Notes, Log Management

NetEye SyslogView 1.7

Changelog 1.7.6
– Signature check module: Parse of signature creation date fix. Adaptation to month string case leading to misinterpretation of signature creation date
– Update of included database dump to vers. 1.7.6
Changelog 1.7.5
– restartSafed(): Get method header bug fix
– fix: log recovery tolerance setting included also for logCheck section
– fix: setup.sh…
