Blog Entries

11. 03. 2022 Enrico Alberti Log-SIEM, NetEye

NetEye for Data Protection Officers

With NetEye 4.22 we released a feature awaited for years: the ability to reach the Elasticsearch API externally, thanks to our NGINX proxy under NetEye. This new feature brings with it a lot of use cases, but what was turning over and over in my head was the automatic process for verification of the blockchains…

02. 03. 2022 Damiano Chini APM, Log-SIEM, NetEye

Observing Events in Tornado with Elastic APM

Sometimes you’d just really like to have an overview of what happens to the Events that flow through Tornado. Where do they come from? Did they get stuck somewhere in the Collectors or in Tornado? Which Tornado Actions did they trigger? Gathering all this information from hundreds of log lines across different services (i.e., Tornado…

28. 02. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug in El Proxy which left the El Proxy service unable to sign new logs after a restart in the particular case where the last signed log of the blockchain had been put in the Dead Letter Queue. For NetEye 4.22 we updated the following packages: elastic-blockchain-proxy, elastic-blockchain-proxy-autosetup to version…

28. 02. 2022 Mattia Codato Bug Fixes, NetEye

NetEye 4 – Security Advisory

Synopsis: High impact: Grafana security update. Type/Severity: Security Advisory: High impact. Topic: An update for grafana is now available for NetEye 4.22. NetEye Product Security has rated this update as having a security impact of High. Common Vulnerability Scoring System (CVSS) base scores provide additional guidance about a vulnerability and give a detailed severity rating….

22. 02. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug in Tornado which caused rules to not match if the ${item} of the ForEach action was interpolated with other strings. For NetEye 4.22 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.18.3-1

18. 02. 2022 Damiano Chini Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug in Tornado which caused Elastic APM to be unable to relate the traces coming from the Tornado Collectors to the traces of the Tornado Engine. For NetEye 4.22 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.18.2-2; icingaweb2-module-tornado, icingaweb2-module-tornado-autosetup to version 1.5.0-3; icingaweb2-module-tornadocarbon, icingaweb2-module-tornadocarbon-autosetup to version…

15. 02. 2022 Alessandro Romboli NetEye, Unified Monitoring

Log off an RDP User Session through the NetEye Command Orchestrator

Scenario: In a Microsoft Remote Desktop environment, it’s a common need to force the logoff of a hung user session. The NetEye Command Orchestrator (CMDO) can help us perform this task by executing remote commands through the Icinga2 agent API. There’s a security limitation built into the Command Orchestrator which allows only numeric parameters for executed…

03. 02. 2022 Mattia Codato Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

The Monitoring Plugins have been updated to version 2.3.1 and released in beta. Please have a look at the official documentation for the full list of improvements. Before running the update it is necessary to execute the following command to see if there are any previously modified files: rpm -qV monitoring-plugins Output example: S.5....T. d /usr/lib64/neteye/monitoring/plugins/check_time If…

02. 02. 2022 Bharat Bisht Bug Fixes, NetEye

Bug Fixes for NetEye 4.21

We fixed a bug in NetEye 4.21 that didn’t allow the cmdorchestrator module to edit a command group without changing the name. For NetEye 4.21 we updated the following packages: icingaweb2-module-cmdorchestrator and icingaweb2-module-cmdorchestrator-autosetup to version 0.11.1-1

01. 02. 2022 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.21

We fixed a bug in NetEye 4.21 that made the JWT authentication fail on the first try in case an existing backend, different from the standard one provided by NetEye and placed before it in the authentication ini file, failed. For NetEye 4.21 we updated the following packages: icingaweb2-module-neteye and icingaweb2-module-neteye-autosetup to version 1.103.3-1

01. 02. 2022 Benjamin Gröber Downloads / Release Notes, NetEye, Unified Monitoring

NetEye 4.22 Release Notes

Welcome to version 4.22 of our NetEye v4 Unified Monitoring Solution. NetEye welcomes the new year and its new release with what is probably the most famous church tower in South Tyrol: the half-submerged steeple of Lake Resia. Lake Reschen, “Reschensee” in German and “Lago di Resia” in Italian, is located at the…

28. 01. 2022 Davide Sbetti Bug Fixes, NetEye

Bug Fixes for NetEye 4.21

We fixed a bug in NetEye 4.21 that made the neteye secure install restart the httpd service also on passive nodes of a cluster. For NetEye 4.21 we updated the following packages: lampod to version 1.1.1-1

21. 01. 2022 William Calliari Bug Fixes, NetEye

Bug Fixes for NetEye 4.21

We fixed a bug where renames of files through an Icinga 2 service would write extra lines to the Plugin Output. For NetEye 4.21 we updated the following packages: libhookrename to version 1.0.1-1

19. 01. 2022 Camilla Biamino Events, Log-SIEM, NetEye, Service Management, Training

New Year – New NetEye Training

Calendar 2022. NetEye Fundamental WPN4-FUN: Get an introduction to the fundamentals of our monitoring platform. Learn to handle its main features, distinguish between basic and core concepts, and choose the proper monitoring configuration design. NetEye Advanced WPN4-ADV: Learn advanced NetEye concepts and how to deal with the tool. Master different NetEye functionalities to face particular situations…

17. 01. 2022 Massimo Giaimo Blue Team, SEC4U

An Evaluation of Elastic EDR with APT Simulator

We decided to carry out an evaluation of Elastic’s EDR using the APT Simulator (https://github.com/NextronSystems/APTSimulator) tool. This tool is widely used within the cyber security community and is highly reputed, as it was developed by Florian Roth, who also created the Sigma Rule project. APT Simulator is a Windows Batch script that uses a set…

