Blog Entries

29. 12. 2024 Andrea Mariani Log-SIEM, NetEye

How to Configure Kibana to Use a Proxy Server with a Certificate via the NODE_EXTRA_CA_CERTS Variable

When using Kibana in environments that require a proxy to reach external services, you might encounter issues with unrecognized SSL certificates. Specifically, if the proxy is exposed with its own certificate and acts as an SSL terminator, requests made by Kibana to external URLs can fail with HTTP status code errors. In this blog post,…

27. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Elastic Universal Profiling – Profiling native code

In a previous post we went through the configuration of Elastic Universal Profiling in NetEye, seeing how we can profile applications written in programming languages that do not compile to native code (for example Python, PHP, Perl, etc.). But what happens if the application is written, for example, in C, Go or Rust? Let’s take…

23. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Continuous Profiling with NetEye – Elastic Universal Profiling

Elastic 8.16, which comes with NetEye 4.39, made Elastic Universal Profiling generally available for self-hosted installations. This means that NetEye SIEM installations will now be able to take advantage of the continuous profiling solution by Elastic. In this blog post we’ll explain what you can achieve with continuous profiling, and how you can configure it…

20. 12. 2024 Giuseppe Di Garbo Atlassian, NetEye, Service Management

Managing Alerts with JSM: Focus on Incident Management (Part 2)

In the first part of this series, we explored how Jira Service Management (JSM) helps streamline Incident Management, aligning with ITIL v4 best practices. Incident Management aims to restore normal service operation as quickly as possible after a disruption, ensuring minimal impact on business operations. Events – changes in the system’s state – can trigger…

20. 12. 2024 Davide Sbetti Automation, Development, NetEye

When Less is More: NetEye Update and Upgrade Checkpoints

Hello everyone! Today, I’d like to briefly discuss an improvement to the update and upgrade procedures that we’ve started to adopt with NetEye 4.39! What we wanted to improve One aspect that made quite an impact was that whenever the update or upgrade procedure stopped, even for legitimate reasons such as rpmnew or rpmsave files,…

19. 12. 2024 Gabriele Bocchi Automation, Development, NetEye

NetEye Install and Upgrades: Moving to a Parallel Architecture

Hello everyone! Today, I’d like to share an exciting improvement we’ve made to the installation and upgrade procedures in NetEye, introducing a faster and more efficient parallel architecture! Why Modernize the Installation and Upgrade Processes? At Würth Phoenix, we strive to make NetEye not only powerful but also highly efficient and reliable for our users….

12. 12. 2024 Reinhold Trocker Log Management, Log-SIEM

Sample osquery Investigations for a Security Incident

Note: This description of a security analyst’s daily routine is fictitious. However, the osquery examples have been tested and can therefore be used as a template for your own research. 1. Alarm Detection Today started with a high-severity alarm from our Elastic Security system. The alert indicated suspicious activity on host HOST-1234, suggesting potential malware execution. The…

04. 12. 2024 Andrea Mariani Business Service Monitoring, NetEye, Unified Monitoring

Correlate Services without a Business Process

In today’s episode of “Fantastic Checks and Where to Find Them”, I’ll share how I managed to correlate two or more services on a single host, or even across different hosts. This story begins with a recent customer request. Initially, I considered using the Business Process module that’s already integrated in NetEye. However, after analyzing…

03. 12. 2024 Alessandro Romboli ITOA, NetEye

Grafana 11 Compatibility

Scenario NetEye 4 provides a graphical engine to represent time series monitoring data stored in an Influx database: the Grafana engine accessible through the ITOA menu on the left hand side. Grafana is very powerful: it consists of a dashboard built up of multiple individual panels. A lot of them are native to Grafana, but…

22. 11. 2024 Giuseppe Di Garbo Atlassian, Service Management

Managing Alerts with JSM: Focus on Incident Management (Part 1)

Alerts are critical signals that demand immediate attention to minimize disruptions and maintain smooth operations. Proactively managing alerts throughout their lifecycle is key to effective event-driven workflows, incident response, and business continuity. By leveraging alerting tools within Jira Service Management (JSM), teams can detect and resolve incidents faster, improve collaboration, and enhance service reliability. In…

06. 11. 2024 Davide Sbetti AI, Log-SIEM, Machine Learning, NetEye

The New NetEye User Guide Search: From POC to Production

Hello everyone! As you may remember, a topic I like to discuss a lot on this blog is the Proof of Concept (POC) about how we could enhance search within our online NetEye User Guide. Well, we’re happy to share with you how we’ve further developed the POC, specifically the process outlined in the first…

24. 10. 2024 Reinhold Trocker Log Management, Log-SIEM

Categories of documents – create more namespaces within an agent’s environment

In the ever-evolving landscape of IT monitoring and management, the ability to efficiently handle multi-dimensional namespaces is crucial. Within NetEye, Log-SIEM (Elastic) provides a comprehensive solution for managing the single namespace dimension with the namespace of a data_stream. This blog post deals with multi-dimensional namespaces and how NetEye’s Log-SIEM solution simplifies their management. Understanding Multidimensional…

02. 10. 2024 Davide Sbetti Log Management, Log-SIEM, Machine Learning, NetEye

Perform KNN Classification Using Elasticsearch

Hey everyone! We played around a bit last time with our radar data to build a model that we could train outside Elasticsearch, loading it through Eland and then applying it using an ingest pipeline. But since our data is in the form of vectors, could we actually exploit Elasticsearch vector database functionality and perform…

11. 09. 2024 Davide Gallo Contribution, Development, DevOps

Ansible Development, Part 1: Building an Execution Environment

Right now, at Würth Phoenix, we are investing in automating most of our operations using Ansible. You’re probably already familiar with what Ansible does, but to summarize, Ansible is an open-source, command-line IT automation application written in Python. I’ve talked about it here: One challenge we faced while developing our automation scripts was that we…

12. 08. 2024 Csaba Remenar ITOA, NetEye

How to Integrate Metrics Collected in OpenShift into NetEye/Grafana

OpenShift already has a built-in monitoring suite with Prometheus, Grafana, and Alertmanager. This is all well and good, but what if organizations want to monitor their entire infrastructure, integrating all monitoring results under one umbrella? In this case, it’s necessary to send the metrics somehow from OpenShift to NetEye. In this tutorial, I’ll show you…
