Creating hosts in NetEye’s Director module can sometimes be time-consuming and a repetitious, tiring and boring job. Especially if you have to populate Director with a large number of hosts for setting up a test environment, for example. One solution is to create a script consisting of nothing but icingacli commands. Each command line instruction…
Read MoreThe Safed agent keeps track of the events it receives from the Eventlog by keeping the LastEventID in registry. At start time the agent tries to retrieve all events from Windows Eventlog since starting from the LastEventID. When the amount of events since LastEventID is too large or the LastEventID has been removed from the…
Read MoreThe regulations of the GDPR in many cases require that some user data is not always present, and / and or that they are anonymized. So I would like to show you now how NetEye 4 responds to this new requirement. NetEye 4 is composed of various modules. In the NetEye 4 Log Manager, we have Elastic…
Read More– Retrieved events from eventlog (win 2008 +) starts from bookmark but should not be older than defined cache days
Read MoreIn many circumstances, monitoring systems need to be extended to locations where we have no direct control. We can think for instance of a company that provides monitoring services to various customers: each with its own firewalls and each with its own security rules. The deployment of firewall rules from the central monitoring node to…
Read MoreThe Safed agent can be configured via https and send its collected logs to the log collector though a TLS connection. The latest released version – 1.9.1 – supports TLS 1.2 (at a minimum) and TLS 1.3. The first step is to upload the private key, the local certificate and the CA certificate to the…
Read MoreWith the release of NetEye 4, we have also redesigned the Log Management module. In this blog post I would like to briefly discuss the main innovations and improvements in NetEye 4 Log Management. First, the management and configuration interface of NetEye 4 Log Manager appears in the unified NetEye 4 layout. Basically, it has…
Read MoreThis blog post describes the basic architecture of an Elasticsearch cluster. The deployment of a cluster is needed to provide high-availability and, whenever possible, to increase performance. NetEye 4’s clustering service is based on RedHat 7’s High Availability Clustering technologies: Corosync: Provides group communication between a set of nodes, application restart upon failure, and a quorum…
Read MoreWhen you need to manage and collect large amounts of data, there can be a lot of hard tasks to do. So we decided to take some of the best Open Source tools to help us do it in the best possible way. Let me introduce you to Rsyslog and the Elastic Stack implementation for…
Read MoreOur rapidly changing digital world is demanding new monitoring strategies for managing your IT infrastructure and adapting business transformations in real time. IoT, mobility and Hybrid Clouds offer opportunities as well as potential risks and challenges. How can you succeed in shifting your security posture from reactive to active, and your IT service monitoring from…
Read MoreReady to take your IT process skills beyond the traditional? Our new training offerings will help you acquire, maintain and improve your knowledge and skills around our solutions. This year’s training program contains courses for NetEye, EriZone or Alyvix customers and partners, each lasting between 2 and 4 working days. The main focus will be…
Read MoreSuppose you have an OpenLDAP Server and you want to analyze what it does. A good way to do this is to send the logs to NetEye’s LogServer. Some elements you will see include: – Returned Entries! (ENTRY) – Search Operations! (SEARCH) – Total Connections! (BIND) To do this you need to add a new…
Read MoreIf you have an Elasticsearch Database like the one in the NetEye Elastic Stack Module then you are surely interested in integrating this information into your Monitoring environment. To do this, use this new plugin: check_elasticsearch_query # /data/neteye/usr/lib/nagios/plugins/local/check_elasticsearch_query –help Check a count of number of events fount in elasticsearch over a query and timeframe Usage:…
Read MoreNow that your company has invested time and resources in gathering information about your entire installed base of software and equipment, how can we analyze and measure its level of security protection? Can we identify the vulnerabilities in your company’s software? Can we create a scoring function that measures security and how it changes over…
Read MoreGrok is a plug-in installed by default in Logstash, which is supplied with the Elastic package (the ELK – Elasticsearch, Logstash and Kibana), one of the integrated modules in our NetEye Unified Monitoring solution.What is this plug-in for? First of all, Grok is an English neologism that means “to understand profoundly, intuitively or by empathy,…
Read More