Bug Fixes for NetEye 4.35
We fixed a few bugs in Tornado: Updated packages We updated the following packages:
Read More
Blog Entries
How to Control Remote Devices from NagVis Maps via Tornado
This article stems from a project on the remote control of devices using NagVis maps. The main purpose is to find an easy way to actuate a remote device through a click on an interface. To do this, we implemented a method that uses Nagvis’ context menu by adding links. Clicking on them sends a…
Read MoreMonitoring Logs in Elasticsearch: A Practical Example
Say you want to monitor logs coming into your Elasticsearch instance, and have it send data to your Monitoring Dashboard. I’ll show you how to do this with a practical example, in particular for an event coming from the Active Directory where a user is locked out, and the associated Domain Controller sends the event…
Read MoreSNMP Trap Archiving in Elastic via Tornado
First of all, I’ll briefly explain what the “Tornado” in NetEye actually is. Tornado is a Complex Event Processor that receives reports of events from data sources such as monitoring, email, and SNMP Traps, matches them against rules you’ve configured, and executes the actions associated with those rules, which can include sending notifications, logging to…
Read MoreImprove Tornado Rules with a Mapping Modifier
Some years ago, one of my colleagues wrote an article about how to “Avoid Tornado Rules Repetition with a Map Post-modifier”. He presented an interesting and very useful way for creating Tornado rules without rewriting them. The core of his approach was based on the Mapping modifier, a functionality in the previous Tornado GUI that…
Read MoreHow to Parse HTML Email Messages with Tornado
Tornado is a CEP “Complex Event Processor” that receives reports of events from data sources such as monitoring and email, matches them against preconfigured rules, and executes the actions associated with those rules. Some vendors provide static notification systems that cannot be customized. For example, during one project we were faced with a tool that…
Read MoreReceiving and Handling Incoming SMS’s on NetEye in Tornado (Part 1/2)
Most physical NetEye servers have an SMS Gateway attached in order to send CRITICAL notifications via an SMS message, since this will work even when the main network is down. However, sometimes you just want to send messages to your NetEye server’s SMS Gateway in order to effect certain actions, for example just to check…
Read MoreImplementation of Distributed Tracing in Tornado with OpenTelemetry
In a previous post we showed how Distributed Tracing and Elastic APM can help Tornado administrators track down events from their generation on Tornado Collectors to the Actions they trigger in Tornado. This blog post will be more technical and will give you an insight on how we managed to implement Distributed Tracing in Tornado…
Read MoreBug Fixes for NetEye 4.22
We fixed a bug in Tornado which cause skipping of the default master tenant filter if no satellite is configured. For NetEye 4.22 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.18.5-1
Read MoreBug Fixes for NetEye 4.23
We fixed a bug in Tornado which cause skipping of the default master tenant filter if no satellite is configured. For NetEye 4.23 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.19.3-1
Read MorePerformance Metrics Collection from NetEye to Elastic
Today my objective is to collect the performance metrics from various NetEye Icinga checks and write them out to Elasticsearch so I can apply Machine Learning (ML) algorithms to identify potential anomalies. This is a task that’s not possible with the open-source version of InfluxDB installed in NetEye. Moreover, this data in Elastic is used…
Read MoreNetEye for Data Protection Officers
With NetEye 4.22 we released a feature awaited for years: the ability to reach the Elasticsearch API externally, thanks to our NGINX proxy under NetEye. This new feature brings with it a lot of use cases, but what was turning over and over in my head was the automatic process for verification of the blockchains…
Read MoreObserving Events in Tornado with Elastic APM
Sometimes you’d just really like to have an overview of what happens to the Events that flow through Tornado. Where do they come from? Did they get stuck somewhere in the Collectors or in Tornado? Which Tornado Actions did they trigger? Gathering all this information from hundreds of log lines across different services (i.e., Tornado…
Read MoreTornado Monitoring and Statistics
When I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…
Read MoreDynamically Manage Traps from a PowerMe UPS in NetEye’s Tornado
UPSs are critical devices that need particular attention when you’re monitoring them. Most of them are not very performant with respect to SMNP requests you send them. For this reason, passive monitoring via SNMP traps is the best solution. In this way, monitoring doesn’t burden the hardware with useless requests. In this session we’ll look…
Read More