Blog Entries

06. 11. 2024 Davide Sbetti AI, Log-SIEM, Machine Learning, NetEye

The New NetEye User Guide Search: From POC to Production

Hello everyone! As you may remember, a topic I like to discuss a lot on this blog is the Proof of Concept (POC) about how we could enhance search within our online NetEye User Guide. Well, we’re happy to share with you how we’ve further developed the POC, specifically the process outlined in the first…

30. 10. 2024 Rocco Pezzani Log-SIEM, NetEye

Elasticsearch Restart and Network Tuning

We all know that NetEye Upgrades are boring activities. Upgrading is important and useful because it brings you bug fixes and new features, but nonetheless it’s extremely expensive in terms of time. The most boring, tiring and lengthy part is when you restart NetEye Services; if you have the SIEM Module installed, the time spent…

25. 10. 2024 Tobias Goller Log-SIEM

Enhancing Cybersecurity with Elastic Defend: A Technical Consultant’s Perspective

In today’s digital landscape, cybersecurity is paramount. As a technical consultant, I’ve seen firsthand how organizations struggle to keep up with evolving threats. One tool that’s consistently stood out in the fight against cyber threats is Elastic Defend. In this blog post, I’ll delve into what Elastic Defend is, its key features, and how it…

24. 10. 2024 Reinhold Trocker Log Management, Log-SIEM

Categories of documents – create more namespaces within an agent’s environment

In the ever-evolving landscape of IT monitoring and management, the ability to efficiently handle multi-dimensional namespaces is crucial. Within NetEye, Log-SIEM (Elastic), provides a comprehensive solution for managing the single namespace dimension with the namespace of a data_stream. This blog post deals with multi-dimensional namespaces and how NetEye’s Log-SIEM solution simplifies their management. Understanding Multidimensional…

18. 10. 2024 Matteo Cipolletta Log Management, Log-SIEM, NetEye

Offloading Data Enrichment to Satellite Machines with Logstash

In high-demand environments, efficiency isn’t just an advantage – it’s essential. One of the biggest hurdles we encountered was the overwhelming strain placed on NetEye’s (Elastic) master nodes during the data enrichment process. As data volumes skyrocket, so do the complexity and the need for a smarter approach. Enter our game-changing solution: offloading data enrichment…

02. 10. 2024 Davide Sbetti Log Management, Log-SIEM, Machine Learning, NetEye

Perform KNN Classification Using Elasticsearch

Hey everyone! We played around a bit last time with our radar data to build a model that we could train outside Elasticsearch, loading it through Eland and then applying it using an ingest pipeline. But since our data is in the form of vectors, could we actually exploit Elasticsearch vector database functionality and perform…

09. 09. 2024 Rocco Pezzani Log-SIEM, NetEye

Prevent Elasticsearch Crashes Using Disk Watermarks

Hi all, it’s been a while. I’m deeply sorry not to have sent out some blog posts lately, so now I’ll try to get back your trust by providing some useful information. Not only that, I’ll even go out of my comfort zone: instead of NetEye Core and monitoring strategies, I’ll talk about NetEye SIEM…

30. 08. 2024 Juergen Vigna Log-SIEM, NetEye, Unified Monitoring

Monitor your Elasticsearch Shards Count

Elasticsearch limits the number of open shards per node with the max_shards_per_node cluster setting, which defaults to 1000. The limit on the total number of shards is then calculated from this setting with this formula:

total_max_number_of_shards = cluster.max_shards_per_node * number of non-frozen data nodes

If the total number of shards is reached either by a…

20. 08. 2024 Franco Federico APM, Log-SIEM, Unified Monitoring

A Journey through Elastic Integrations

At the beginning of the month we released NetEye version 4.37 that contains Elastic Stack 8.14.3. Every version update of Elastic has both improvements and additions. To see all available integrations in NetEye, click on the screenshot here: As you can see the changes range from cloud integration, to ticketing, to not forgetting security, networking,…

12. 08. 2024 Davide Sbetti AI, Artificial Intelligence, Log-SIEM, Machine Learning, NetEye

Bring Your Own Model – Using Custom Models in Elasticsearch

Hey everyone! As you may remember, we took a look in the past at how it’s possible to use a model (trained directly in Elasticsearch) to perform some real time classification by using an ingest pipeline. But… what if we wanted to use our own externally trained model? Well the good news is that, under…

15. 03. 2024 Matteo Cipolletta APM, Log-SIEM, NetEye

Unleashing Elastic APM: Containerized Scalability Explored

Introduction: Unveiling Elastic APM in Containerized Environments In today’s dynamic digital landscape, where every interaction matters, understanding the intricacies of application performance has become paramount. Elastic APM is a powerful toolset within the Elastic Stack included in the NetEye SIEM Module, and designed to provide unparalleled insights into the performance of your applications. As organizations…

23. 02. 2024 Juergen Vigna Log-SIEM, NetEye, Unified Monitoring

Monitoring Logs in Elasticsearch: A Practical Example

Say you want to monitor logs coming into your Elasticsearch instance, and have it send data to your Monitoring Dashboard. I’ll show you how to do this with a practical example, in particular for an event coming from the Active Directory where a user is locked out, and the associated Domain Controller sends the event…

16. 02. 2024 Reinhold Trocker Log-SIEM, NetEye

Enabling Elastic Agents Upgrades in Restricted or Closed Networks

In this article, we’ll explore how to configure the “Agent Binary Download” setting and set up your own artifact registry for binary downloads within a NetEye cluster. Prerequisites Before we begin, ensure you have the following prerequisites in place: Configuring the “Agent Binary Download” Setting Hosting Your Own Artifact Registry If routing traffic through a proxy server…

28. 12. 2023 Enrico Alberti Log Management, Log-SIEM, NetEye

Monitor Fleet Elastic Agents with NetEye Extension Packs (NEP)

With the latest version of NetEye 4.33, the Fleet Server and ElasticAgent officially join the NetEye Elastic Stack (see NetEye 4.33 Release Notes ) Related to this new big feature, within the NetEye Extension Packs project we have provided new monitoring checks that can help customers and consultants who use NetEye to keep these new…

28. 12. 2023 Davide Sbetti Log-SIEM, Machine Learning

Semantic Search in Elasticsearch – Testing Our NetEye Guide: Adding the LLM ingredient

You weren’t expecting a part three of this series, right? Well honestly, me neither. But after working together with you on the POC where we firstly crawled the NetEye Guide and applied ELSER to the resulting documents, and then we exploited its semantic search capabilities in the NetEye Guide search, we asked ourselves, what if…
