Blog Entries

28. 08. 2024 Fabrizio Dovesi Atlassian, Service Management

Automate the Clustering of Similar Cases for Effective Handling of a Significant Volume of Incoming Alerts

This guide will show you how to enable your team to handle multiple cases simultaneously, letting you manage them as if they were just one. In which scenarios would this solution offer users a valuable benefit? Have you ever had to discard a significant number of cases, requests, or emails because there were simply too…

Read More
15. 12. 2023 Rocco Pezzani NetEye, Unified Monitoring

Troubleshooting Icinga Notifications

I don’t really know the reason behind it, maybe because the typical scenario for notifications is just “send all events to this mailing list”, or as we say: set it and forget it. But we shouldn’t use this as an excuse: monitoring projects now consist of tens of thousands of objects (hosts plus services), and…

Read More
26. 10. 2023 Luca Zeni Blue Team, SEC4U

From Chaos to Case: How SLAs Make Life Better!

One of the primary responsibilities of a Security Operation Center (SOC) is to effectively manage issues related to monitoring the security perimeter. This involves the meticulous analysis of alerts, the creation of subsequent cases, and if necessary, the escalation of incidents to the client through ticketing systems or, in some cases, the closure of incidents…

Read More
27. 04. 2023 Tobias Goller Anomaly Detection, Unified Monitoring

Alerting on Network Traffic Anomalies with ntopng

Today I’d like to tell you about the possibility of alerting when anomalies in network traffic are encountered. I use ntopng to generate, evaluate and forward these alerts. If you don’t know about ntopng, let me briefly describe for you what it does. According to its creator, ntopng is a High-Speed Web-based Traffic Analysis and…

Read More
11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Tornado Webhooks and Smart Monitoring (part 2)

In my previous post I showed you how to make your own alerts on NetEye SIEM by using the Elastic Watcher and Alerts and Actions features. But if we work in production environments, what we really need is an alert that can go directly to NetEye’s Monitoring Overview. How can we manage SIEM alerts and…

Read More
11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Watcher & ‘Alerts and Actions’ (Part 1)

The main goal of a monitoring system like NetEye is to alert and notify you when something noteworthy happens in your environment. All the logs coming in to NetEye SIEM can be analyzed, and could raise one or more alerts in the Elastic Stack, such as detection, machine learning anomalies, etc. How can you make…

Read More
02. 10. 2019 Mirko Morandini Service Management

Integrating EriZone with Monitoring Tools

Two screens for monitoring, ticketing, event management, CRM, project management and Outlook, and at least another two screens for all the applications that you need to manage… that often seems to be the minimum for working efficiently. However, you probably don’t want your office to look like a NASA flight control room… To organize the…

Read More

Archive