Choosing the right backup solution is critical for system administrators and IT professionals. The upcoming NetEye 4.41 version will bring an update to MariaDB, moving from version 10.3 to 10.11. This makes it especially timely to explore the opportunities offered by the Mariabackup tool in order to be fully prepared for the changes ahead. This…
Read MoreIn NetEye environments we use Tornado to collect events, elaborate on them, and send notifications based on them from a lot of sources (syslog, email, SNMP traps and so on). In this article I’d like to suggest a different use case: how to use Tornado to monitor your cron jobs. In our example we want…
Read MoreAs technology continually evolves, keeping our software stack up to date is essential for performance, security, and access to new functionalities. In this post, I want to share how we upgraded MariaDB from version 10.3 to 10.11 as part of the NetEye 4.41 release. This upgrade was not only a technical necessity, but a strategic…
Read MoreIn some test or development environments, you may need to simulate the presence of GSM modems without having an actual physical device. This can be useful for example when testing monitoring checks, SMS management systems, or creating new notification rules. In this post I’ll show you how I created a serial modem emulation service. The…
Read MoreJust like last year, we had the wonderful opportunity to attend FOSDEM, the most important open source conference in Europe. This year was no exception, and among the many exciting talks, one that particularly caught my attention was Alex Stefanini’s presentation on Podman Quadlet. Integrated with Podman since version 4.4, Quadlet has emerged as a…
Read MoreWhen designing an Elasticsearch architecture, choosing the right storage is crucial. While NFS might seem like a convenient and flexible option, it comes with several pitfalls when used for hosting live Elasticsearch data (hot, warm, cold, and frozen nodes). However, NFS proves to be an excellent choice for storing snapshots and searchable snapshots. Here’s why….
Read MoreWhen using Kibana in environments that require a proxy to reach external services, you might encounter issues with unrecognized SSL certificates. Specifically, if the proxy is exposed with its own certificate and acts as an SSL terminator, requests made by Kibana to external URLs can fail with HTTP status code errors. In this blog post,…
Read MoreIn a previous post we went through the configuration of Elastic Universal Profiling in NetEye, seeing how we can profile applications written in programming languages that do not compile to native code (for example Python, PHP, Perl, etc.) But what happens if the application is written for example in C, Go or Rust? Let’s take…
Read MoreElastic 8.16, which comes with NetEye 4.39, made Elastic Universal Profiling generally available for self-hosted installations. This means that NetEye SIEM installations will now be able to take advantage of the continuous profiling solution by Elastic. In this blog post we’ll explain what you can achieve with continuous profiling, and how you can configure it…
Read MoreIn the first part of this series, we explored how Jira Service Management (JSM) helps streamline Incident Management, aligning with ITIL v4 best practices. Incident Management aims to restore normal service operation as quickly as possible after a disruption, ensuring minimal impact on business operations. Events – changes in the system’s state – can trigger…
Read More
Hello everyone! Today, I’d like to briefly discuss an improvement to the update and upgrade procedures that we’ve started to adopt with NetEye 4.39! What we wanted to improve One aspect that made quite an impact was that whenever the update or upgrade procedure stopped, even for legitimate reasons such as rpmnew or rpmsave files,…
Read MoreHello everyone! Today, I’d like to share an exciting improvement we’ve made to the installation and upgrade procedures in NetEye, introducing a faster and more efficient parallel architecture! Why Modernize the Installation and Upgrade Processes? At Würth Phoenix, we strive to make NetEye not only powerful but also highly efficient and reliable for our users….
Read More
Note: This description of a security analyst’s daily routine is fictitious. However, the osquery examples have been tested and can therefore be used as a template for your own research. 1. Alarm Detection Today started with a high-severity alarm from our Elastic Security system. The alert indicated suspicious activity on host HOST-1234, suggesting potential malware execution. The…
Read MoreIn today’s episode of “Fantastic Checks and Where to Find Them”, I’ll share how I managed to correlate two or more services on a single host, or even across different hosts. This story begins with a recent customer request. Initially, I considered using the Business Process module that’s already integrated in NetEye. However, after analyzing…
Read MoreScenario NetEye 4 provides a graphical engine to represent time series monitoring data stored in an Influx database: the Grafana engine accessible through the ITOA menu on the left hand side. Grafana is very powerful: it consists of a dashboard built up of multiple individual panels. A lot of them are native to Grafana, but…
Read More