Say you want to monitor logs coming into your Elasticsearch instance, and have it send data to your Monitoring Dashboard. I’ll show you how to do this with a practical example, in particular for an event coming from the Active Directory where a user is locked out, and the associated Domain Controller sends the event…
Read MoreFirst of all, I’ll briefly explain what the “Tornado” in NetEye actually is. Tornado is a Complex Event Processor that receives reports of events from data sources such as monitoring, email, and SNMP Traps, matches them against rules you’ve configured, and executes the actions associated with those rules, which can include sending notifications, logging to…
Read MoreWelcome to version 4.34 of our NetEye v4 Unified Monitoring Solution. Spring is slowly approaching and the first plants awake from their winter slumber and peek through the snow. One of the earliest to bloom is the Crocus from the family of the Iridaceae. It’s native to Europe, North Africa, and Central Asia up to…
Read MoreToday I want to present an Icinga 2-based monitoring use case where concepts of the powerful Icinga 2 DSL functional language come into play. The use case is based on mapping the status of a Host/Service Object via passive check results only. For this kind of use case, any accidental active status check could potentially…
Read MoreIndex Lifecycle Management (ILM) policies constitute a fundamental component in Elasticsearch index management. They enable users to define the life stages of an index, determining when and how specific actions, such as transitioning from a “hot” to a “cold” state or deleting obsolete indices, should occur. ILM policies empower users to ensure the optimal distribution…
Read MoreAs you may know, NetEye Cloud is our multi-tenant SaaS solution for monitoring your infrastructure. It’s crucial to us for keeping every tenant aligned with the latest configurations and patches. We’ve managed to automate and align the agents via Desired State Configuration (DSC) and Ansible, but we still had to manually check those agents’ configurations….
Read MoreDo you have a SIEM installation based on Elasticsearch (like the NetEye 4 SIEM Module) and are you sending data to it from your hosts? Then you’ll surely want to know whether your host is actually sending data, or if nothing is coming out at all. For this I made available a simple icinga/nagios plugin…
Read MoreI don’t really know the reason behind it, maybe because the typical scenario for notifications is just “send all events to this mailing list”, or as we say: set it and forget it. But we shouldn’t use this as an excuse: monitoring projects now consist of tens of thousands of objects (hosts plus services), and…
Read MoreScenario NetEye 4 is a comprehensive monitoring platform which natively supports Business Processes. A Business Process is an abstract view of a customer’s Business from the Application point of view. Usually, it’s a collection of Icinga2 checks aggregated by “AND, OR, At Least” logics in order to monitor if a Business Application is really available…
Read MoreThe popular open source software suite GLPI, an acronym for Gestionnaire Libre de Parc Informatique, has been part of the NetEye ecosystem since its beginnings, more than 15 years ago. GLPI includes a comprehensive, pre-configured IT Asset management database, an ITIL-compliant service desk (ticketing) and feature-packed inventory agents. Within the scope of NetEye, GLPI is…
Read MoreWelcome to version 4.33 of our NetEye v4 Unified Monitoring Solution. With this release, NetEye welcomes Winter with a spectacular view of St. Jakob Church. It is located in Ortisei (or St. Ulrich in German), a small village in Val Gardena (Gröden in German) perfect to stroll about in, discover new things, and fall in…
Read MoreSay you’re using the SIEM Module in NetEye and are deploying the Elasticsearch Agent to your clients. You’d surely like to know if those agents are still sending data and are still connected to the Elastic Fleet server. I had this problem recently and came up with a new monitoring plugin that uses the Kibana-API…
Read MoreSome years ago, one of my colleagues wrote an article about how to “Avoid Tornado Rules Repetition with a Map Post-modifier”. He presented an interesting and very useful way for creating Tornado rules without rewriting them. The core of his approach was based on the Mapping modifier, a functionality in the previous Tornado GUI that…
Read More
At the OSMC 2023 conference, we embarked on an exciting journey into the world of open-source monitoring. It was an event filled with inspiration, insights, and innovation.
Read MoreAfter my last ntopng trainings, which I taught as an instructor, I noticed that many ntopng users were not familiar with the display of multiple time series charts overlapping in one graphic. Since I believe that this is one of the most important display options, I’ll use this blog post to show you how to…
Read More