Blog Entries

09. 09. 2024 Rocco Pezzani Log-SIEM, NetEye

Prevent Elasticsearch Crashes Using Disk Watermarks

Hi all, it’s been a while. I’m deeply sorry not to have sent out some blog posts lately, so now I’ll try to get back your trust by providing some useful information. Not only that, I’ll even go out of my comfort zone: instead of NetEye Core and monitoring strategies, I’ll talk about NetEye SIEM…

25. 03. 2024 Franco Federico APM, NetEye, Visual Synthetic Monitoring

Migration from Alyvix Server to Alyvix Service

Beginning with NetEye version 4.26, Alyvix has been fully integrated into NetEye. Currently Alyvix within NetEye is implemented as the neteye-alyvix module, and is part of our Application Performance Monitoring (APM) world. We have Elastic with all the functionality of traditional APM, and then for synthetic monitoring we have Alyvix. In the past few weeks…

21. 12. 2022 Damiano Chini Log Management, Log-SIEM, NetEye

How We Verify the Integrity of El Proxy Blockchains Altered by a Retention

El Proxy helps in compliance with GDPR regulations, which, among other things, impose guarantees on the integrity of data and ensure that the data is kept for no longer than a predefined period of time. El Proxy ensures the integrity of the data by saving the data in El Proxy blockchains. The guarantee that data…

15. 12. 2022 Rocco Pezzani NetEye

Strategies for Secret Management

In my previous blog post, we had a long discussion about how Icinga 2 manages its configuration in a Distributed Monitoring environment and how this can lead to unwanted disclosure of sensitive data, be it Secrets or Personal Data. The post ended with a set of recommendations/best practices that can be summarized in the statement…

30. 09. 2022 Rocco Pezzani NetEye

Secret Management with NetEye Monitoring

Today I want to talk about a topic that, although it is (and always has to be) in the spotlight, is seeing its popularity skyrocket even more in recent months: how to handle Secrets and Personal Data with NetEye. And I’m not talking about the right way to use Director’s Data Fields, how to hide…

14. 03. 2022 Rocco Pezzani NetEye, Unified Monitoring

Hosts, Zones and Broken Icinga 2 Configurations

During my experience as a Würth Phoenix consultant, I’ve seen a pretty long list of broken Icinga 2 configurations. Several times, customers have begun a scheduled meeting with something like “Hey mister consultant, ever since the last deploy some objects have stopped being monitored, but I don’t see any errors!”. After some troubleshooting, everything always…

31. 12. 2021 Damiano Chini Development, NetEye

Tornado Monitoring and Statistics

When I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…

20. 12. 2021 Rocco Pezzani NetEye, Unified Monitoring

Introducing NetEye Extension Packs

One of the strongest points of NetEye is the extremely high level of customization that you can reach. It allows any customer to set up their environment for an almost perfect fit to their own needs or desires. This is typically achieved with the work of our Consultant Team in understanding each customer’s needs, and…

06. 12. 2021 Rocco Pezzani ITOA, NetEye, Unified Monitoring

Metrics on NetEye Monitoring

(Or, Who’s Monitoring the Monitor?) Everyone uses a monitoring system to understand what’s going on in their own environment and how it performs, but what about the monitoring system itself? The monitoring system also has its own tasks to perform, and obviously its own needs. Therefore even NetEye itself, while performing its duties, can be…

19. 09. 2021 Rocco Pezzani ITOA, NetEye, Unified Monitoring

Understanding Instability in a Monitored Environment

Whenever a new monitoring project gets underway, a consultant discusses almost any related topic with the customer: what needs to be monitored, how to monitor it, when to implement it, how to represent performance data, etc. Based on customer needs and desires, any sort of implementation strategy can be planned, but almost all of…

01. 07. 2021 Damiano Chini Log Management, Log-SIEM, NetEye

El Proxy – Error Handling

Beginning with NetEye 4.17, the NetEye Log Management module has been able to rely on the new Real Time Log Signing architecture, which aims to overcome some weaknesses in the previous Log Management implementation based on rsyslog. One of the core components of the new architecture is the new El Proxy daemon, whose tasks are…

01. 04. 2021 Giuseppe Di Garbo ITOA, NetEye

NetEye Home Dashboard

“A dashboard should tell a story or answer a question” “Dashboards should reduce cognitive load, not add to it” Following the two best practices mentioned above, I would like to consider the following use case: I am a NetEye customer with a single node implementation and I would like a dashboard that helps me to…

01. 04. 2021 Damiano Chini Development, Log Management, Log-SIEM, NetEye

Log Management – Real Time Log Signing

Meeting the highest security standards is an absolute priority in NetEye. For this reason, in the continuous process of improving security in NetEye 4, we brought an important architectural improvement in the Log Manager module in the NetEye 4.17 release. The new architecture takes the name of Real Time Log Signing and its main focus…

11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Tornado Webhooks and Smart Monitoring (part 2)

In my previous post I showed you how to make your own alerts on NetEye SIEM by using the Elastic Watcher and Alerts and Actions features. But if we work in production environments, what we really need is an alert that can go directly to NetEye’s Monitoring Overview. How can we manage SIEM alerts and…

11. 01. 2021 Enrico Alberti Log-SIEM, NetEye

Alerting on NetEye SIEM: Watcher & ‘Alerts and Actions’ (Part 1)

The main goal of a monitoring system like NetEye is to alert and notify you when something noteworthy happens in your environment. All the logs coming in to NetEye SIEM can be analyzed, and could raise one or more alerts in the Elastic Stack, such as detection, machine learning anomalies, etc. How can you make…
