Blog Entries

30. 12. 2024 Damiano Chini APM, Development, NetEye

Supporting HTTP/2 and gRPC in nginx

Since its introduction, the HTTP/2 protocol has been increasingly adopted in server and client applications thanks to its improved performance compared to its ancestor HTTP/1.1. This poses an issue for services exposed via nginx, since some specific configurations are needed on nginx in order to allow clients and servers to fully use the…

30. 12. 2024 Gabriele Cecco Atlassian, Service Management

How to Schedule Issues with the New Calendar View in Jira Service Management

Jira Service Management now includes a new feature that lets you easily schedule your activities. What? You haven’t activated it yet? No worries, you’re in the right place! Here’s a quick guide to how to enable it and make the most out of it in just a few clicks. How to Enable the Calendar View If…

30. 12. 2024 Beatrice Dall'Omo Red Team, SEC4U

Exploring Authenticated Scans in Greenbone

While traditional vulnerability scanning techniques provide valuable insights from the outside, authenticated scans offer a deeper, more comprehensive understanding of system security by providing more vulnerability details on the scanned system from an internal perspective. By leveraging valid system credentials, Greenbone’s authenticated scans provide critical insights about system configurations, software versions, and potential internal weaknesses…

30. 12. 2024 Alessandro Taufer DevOps, Log-SIEM

Optimizing Log Collection in Kubernetes/OpenShift with Elastic Stack

When monitoring Kubernetes clusters using Elastic Stack, the volume of logs can be overwhelming, often reaching gigabytes per minute. This is particularly true for OpenShift clusters, where significant traffic originates from system namespaces you might not be familiar with. Optimizing log collection becomes crucial for maintaining system efficiency and resource utilization. Success in this endeavor…

30. 12. 2024 Beatrice Dall'Omo Blue Team, Red Team, SEC4U

Red and Blue Team Cooperation: Attack to Improve

Nowadays attacks evolve over time and threat actors are following different ways to reach the same objectives. This could represent a problem on the defensive side. How can you always be up-to-date and ready to detect, but then when a vulnerability is exploited be able to act in several ways depending on the threat actor?…

29. 12. 2024 Fabrizio Dovesi Atlassian, Service Management

Let’s Repopulate the Community of “Pandas 🐼” Who are Happy with How Their Company Handles Documentation

This post offers a simple and pragmatic way to manage your company’s knowledge base with an SaaS product like Confluence. Why are we always here talking about the documentation problem? The title of this post references the Panda, an endangered animal that has become a symbol of the WWF since its founding in 1961. The panda…

29. 12. 2024 Andrea Mariani Log-SIEM, NetEye

How to Configure Kibana to Use a Proxy Server with a Certificate via the NODE_EXTRA_CA_CERTS Variable

When using Kibana in environments that require a proxy to reach external services, you might encounter issues with unrecognized SSL certificates. Specifically, if the proxy is exposed with its own certificate and acts as an SSL terminator, requests made by Kibana to external URLs can fail with HTTP status code errors. In this blog post,…

27. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Elastic Universal Profiling – Profiling native code

In a previous post we went through the configuration of Elastic Universal Profiling in NetEye, seeing how we can profile applications written in programming languages that do not compile to native code (for example Python, PHP, Perl, etc.). But what happens if the application is written, for example, in C, Go or Rust? Let’s take…

23. 12. 2024 Beatrice Dall'Omo Red Team, SEC4U

Developing Integrations for Greater Efficiency: Jira and Invicti

In today’s digital landscape where cyber threats are constantly evolving, recurring vulnerability scanning is not only a best practice, but a strategic imperative with the aim of minimizing exposure to potential risks. Regular vulnerability scanning helps identify weaknesses in systems, applications and infrastructures, allowing them to be addressed in a timely and strategic way before…

23. 12. 2024 Damiano Chini APM, Development, Log-SIEM, NetEye

Continuous Profiling with NetEye – Elastic Universal Profiling

Elastic 8.16, which comes with NetEye 4.39, made Elastic Universal Profiling generally available for self-hosted installations. This means that NetEye SIEM installations will now be able to take advantage of the continuous profiling solution by Elastic. In this blog post we’ll explain what you can achieve with continuous profiling, and how you can configure it…

23. 12. 2024 Mirko Morandini Asset Management, Service Management, Uncategorized

GUI-based Setup of GLPI Network Inventory: The Agent Toolbox

GLPI agents have various additional functionalities, from network discovery to remote inventory and ESX inventory. These can be controlled either directly from the command line (see my colleague’s blog https://www.neteye-blog.com/2024/07/glpi-device-discovery/ for some practical examples) or in a centralized way from the server, via the GLPI Inventory plugin (https://www.neteye-blog.com/2024/12/gui-based-glpi-network-inventory-setup-with-the-glpi-inventory-plugin/). There’s also another handy way to configure…

20. 12. 2024 Juergen Vigna Unified Monitoring

Using Special Context Actions in Maps (NagVis)

NagVis, which in NetEye 4 is called the “Maps” Application, is a visualization add-on for the well-known network management system Nagios® and Icinga. NagVis can visualize monitoring status data as objects overlaid on maps to display them in different layouts: So in general, NagVis (Maps) is a presentation tool for information gathered in NetEye by…

20. 12. 2024 Alessandro Taufer DevOps, Log-SIEM

How to Monitor Your OpenShift Cluster with the Elastic Stack

Logs should be centralized, easily accessible, and independent from the monitored objects. Therefore, it’s advisable not to rely solely on the built-in monitoring system of OpenShift; instead, consider using an additional external monitoring solution. In this article, we’ll explore how to monitor an OpenShift cluster using Elastic Stack. Installing the Integration Since OpenShift is entirely…

20. 12. 2024 Giuseppe Di Garbo Atlassian, NetEye, Service Management

Managing Alerts with JSM: Focus on Incident Management (Part 2)

In the first part of this series, we explored how Jira Service Management (JSM) helps streamline Incident Management, aligning with ITIL v4 best practices. Incident Management aims to restore normal service operation as quickly as possible after a disruption, ensuring minimal impact on business operations. Events – changes in the system’s state – can trigger…

20. 12. 2024 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.39

We fixed a bug which was causing the Elasticsearch upgrade procedure to fail in a race condition. In particular, after the upgrade of the Elasticsearch RPM and before the restart of the service, the running Elasticsearch service could possibly fail loading some libraries, hence breaking the upgrade procedure. We updated the following packages:

