Hi all, it’s been a while. I’m deeply sorry not to have sent out some blog posts lately, so now I’ll try to get back your trust by providing some useful information. Not only that, I’ll even go out of my comfort zone: instead of NetEye Core and monitoring strategies, I’ll talk about NetEye SIEM…
Read MoreBeginning with NetEye version 4.26, Alyvix has been fully integrated into NetEye. Currently Alyvix within NetEye is implemented as the neteye-alyvix module, and is part of our Application Performance Monitoring (APM) world. We have Elastic with all the functionality of traditional APM, and then for synthetic monitoring we have Alyvix. In the past few weeks…
Read MoreEl Proxy helps in compliance with GDPR regulations, which, besides the rest, imposes guarantees on the integrity of data and ensures that the data is kept for no longer than a predefined period of time. El Proxy ensures the integrity of the data by saving the data in El Proxy blockchains. The guarantee that data…
Read MoreIn my previous blog post, we had a long discussion about how Icinga 2 manages its configuration in a Distributed Monitoring environment and how this can lead to unwanted disclosure of sensitive data, be it Secrets or Personal Data. The post ended with a set of recommendations/best practices that can be summarized in the statement…
Read MoreToday I want to talk about a topic that, although it is (and always has to be) in the spotlight, is seeing its popularity skyrocket even more in recent months: how to handle Secrets and Personal Data with NetEye. And I’m not talking about the right way to use Director’s Data Fields, how to hide…
Read MoreDuring my experience as a Würth Phoenix consultant, I’ve seen a pretty long list of broken Icinga 2 configurations. Several times, customers have begun a scheduled meeting with something like “Hey mister consultant, ever since the last deploy some objects have stopped being monitored, but I don’t see any errors!”. After some troubleshooting, everything always…
Read MoreWhen I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…
Read MoreOne of the strongest points of NetEye is the extremely high level of customization that you can reach. It allows any customer to set up their environment for an almost perfect fit to their own needs or desires. This is typically achieved with the work of our Consultant Team in understanding each customer’s needs, and…
Read More(Or, Who’s Monitoring the Monitor?) Everyone uses a monitoring system to understand what’s going on in their own environment and how it performs, but what about the monitoring system itself? The monitoring system also has its own tasks to perform, and obviously its own needs. Therefore even NetEye itself, while performing its duties, can be…
Read MoreWhenever a new monitoring project gets underway, a consultant discusses with the customer about almost any related topic: what needs to be monitored, how to monitor it, when to implement it, how to represent performance data, etc. Based on customer needs and desires, any sort of implementation strategy can be planned, but almost all of…
Read MoreBeginning with NetEye 4.17, the NetEye Log Management module has been able to rely on the new Real Time Log Signing architecture, which aims to overcome some weaknesses in the previous Log Management implementation based on rsyslog. One of the core components of the new architecture is the new El Proxy daemon, whose tasks are…
Read More“A dashboard should tell a story or answer a question” “Dashboards should reduce cognitive load, not add to it“ Following the two best practices mentioned above I would like to consider the following use case: I am a NetEye customer with a single node implementation and I would like a dashboard that helps me to…
Read MoreMeeting the highest security standards is an absolute priority in NetEye. For this reason, in the continuous process of improving security in NetEye 4, we brought an important architectural improvement in the Log Manager module in the NetEye 4.17 release. The new architecture takes the name of Real Time Log Signing and its main focus…
Read MoreIn my previous post I showed you how to make your own alerts on NetEye SIEM by using the Elastic Watcher and Alerts and Actions features. But if we work in production environments, what we really need is an alert that can go directly to NetEye’s Monitoring Overview. How can we manage SIEM alerts and…
Read MoreThe main goal of a monitoring system like NetEye is to alert and notify you when something noteworthy happens in your environment. All the logs coming in to NetEye SIEM can be analyzed, and could raise one or more alerts in the Elastic Stack, such as detection, machine learning anomalies, etc. How can you make…
Read More