Blog Entries

28. 10. 2022 Enrico Alberti Log Management, Log-SIEM, NetEye

Syslog Collection with Elastic under Distributed NetEye Monitoring

Anyone who has joined the beautiful world of logging has collided, sooner or later, with the collection via syslog protocol. More than 40 years have passed since syslog was invented, and in that time there have been several attempts by the IETF to create a standard around this world (RFC 3164 and RFC 5424). Even…

Read More
21. 02. 2020 Tobias Goller Log Management, NetEye

Tornado Use Case with Elastic

Before I tell you about one of my latest customer requirements, I would like to briefly explain what our NetEye Tornado module is. In our user guide you will see it written that Tornado is the successor to NetEye’s Event Handler. It is a plugin-based, stateless, scalable rule matching engine written in Rust, based on…

Read More
25. 09. 2018 Gianluca Piccolo Log Management, Log-SIEM, NetEye

NetEye 4 Log Management: Rsyslog and the Elastic Stack

When you need to manage and collect large amounts of data, there can be a lot of hard tasks to do.  So we decided to take some of the best Open Source tools to help us do it in the best possible way.  Let me introduce you to Rsyslog and the Elastic Stack implementation for…

Read More
07. 03. 2018 Juergen Vigna Log Management, NetEye

Analyze your OpenLDAP Logs

Suppose you have an OpenLDAP Server and you want to analyze what it does.  A good way to do this is to send the logs to NetEye’s LogServer.  Some elements you will see include: – Returned Entries! (ENTRY) – Search Operations! (SEARCH) – Total Connections! (BIND) To do this you need to add a new…

Read More
31. 10. 2017 Juergen Vigna Log Management, Log-SIEM, NetEye

Sending Cisco Syslogs to Elasticsearch: A simple guide

Do you use Cisco’s network infrastructure? Would you like to view its logs through the syslog protocol in an Elasticsearch database? Find out below about the filters and templates needed for the Logstash setup. As you probably already know, you need a Logstash instance in order to get indexed data into the Elasticsearch database. Cisco…

Read More
06. 12. 2013 MarinovMihail Log Management, NetEye

Windows process tracking with Safed

As well known, the Safed agent for Windows can collect events from the event log, filters them and forward the matched records to a centralized syslog server. There are some preconfigured set of events concerning basic activities that have to be tracked. The first one, and probably the most famous due to existing law conformity…

Read More
28. 08. 2012 Tobias Goller NetEye

File access monitor

Many companies use shared directories or files to allow different users to access the information and if necessary modify them. When I am on customer site implementing new NetEye projects, it happens very often that there is the need to monitor the accesses on these shared files. To satisfy this requirement it is necessary  to…

Read More
01. 04. 2011 Patrick Zambelli Downloads / Release Notes, Log Management

Neteye SyslogView 1.7

Changelog 1.7.6 – Signature check module: Parse of signature creation date fix. Adaptation to month string case leading to misinterpretation of signature creation date – Update of included database dump to vers. 1.7.6 Changelog 1.7.5 – restartSafed(): Get method header bux fix – fix:log recovery tolerance setting included also for logCheck section – fix: setup.sh…

Read More
03. 01. 2011 Patrick Zambelli Log Management

Log flow integration of multiple IP sources

This new feature has been introduced for the auditing of Cluster installations and hosts with multiple IP addresses. The concept behind the aggregation of flows from different sources resides on the integration of log flows from load balanced hosts or hosts in failover configuration within a single host definition. This allows also the registration of…

Read More
26. 10. 2010 Patrick Zambelli Log Management

Centralized syslog agent configuration for SAFED

Today’s blog article will highlight the latest news from the Syslog Server development area. The focus lays on the integration of the distributed syslog agents into the SyslogView module of the NetEye server. The motivation for this strategic implementation is the acceleration of the installation – only a single MSI executable without user iteration has…

Read More
18. 08. 2010 NetEye Blog Admin Log Management, NetEye

Garante sulla Privacy: per saperne di piú

Molti di voi ne saranno giá a conoscenza, ma abbiamo comunque ritenuto opportuno raccogliere le nuove direttive del Garante sulla Privacy sotto forma di FAQS (domande e risposte).

Read More
17. 08. 2009 Patrick Zambelli Log Management, NetEye

Log auditing with NetEye

In passato sono già state anticipate notizie sulla nuova legge che riguarda la protezione dei dati personali all’interno di reti IT. Con questo articolo vorrei illustrare le funzionalità richieste da questa normativa e spiegare l’implementazione di essi dentro il modulo di login auditing di NetEye. Come da introduzione al testo della normativa di questo articolo,…

Read More

Archive