Blog Entries

15. 05. 2024 Marco Berlanda Bug Fixes, NetEye

Bug Fixes for NetEye 4.35

We fixed a few bugs in Tornado: Updated packages We updated the following packages:

14. 03. 2024 Attilio Broglio NetEye, Unified Monitoring

How to Control Remote Devices from NagVis Maps via Tornado

This article stems from a project on the remote control of devices using NagVis maps. The main purpose is to find an easy way to actuate a remote device through a click on an interface. To do this, we implemented a method that uses NagVis’ context menu by adding links. Clicking on them sends a…

23. 02. 2024 Juergen Vigna Log-SIEM, NetEye, Unified Monitoring

Monitoring Logs in Elasticsearch: A Practical Example

Say you want to monitor logs coming into your Elasticsearch instance, and have it send data to your Monitoring Dashboard. I’ll show you how to do this with a practical example, in particular for an event coming from the Active Directory where a user is locked out, and the associated Domain Controller sends the event…

13. 02. 2024 Tobias Goller NetEye, Unified Monitoring

SNMP Trap Archiving in Elastic via Tornado

First of all, I’ll briefly explain what the “Tornado” in NetEye actually is. Tornado is a Complex Event Processor that receives reports of events from data sources such as monitoring, email, and SNMP Traps, matches them against rules you’ve configured, and executes the actions associated with those rules, which can include sending notifications, logging to…

22. 11. 2023 Attilio Broglio NetEye, Unified Monitoring

Improve Tornado Rules with a Mapping Modifier

Some years ago, one of my colleagues wrote an article about how to “Avoid Tornado Rules Repetition with a Map Post-modifier”. He presented an interesting and very useful way for creating Tornado rules without rewriting them. The core of his approach was based on the Mapping modifier, a functionality in the previous Tornado GUI that…

20. 12. 2022 Attilio Broglio NetEye

How to Parse HTML Email Messages with Tornado

Tornado is a CEP “Complex Event Processor” that receives reports of events from data sources such as monitoring and email, matches them against preconfigured rules, and executes the actions associated with those rules. Some vendors provide static notification systems that cannot be customized. For example, during one project we were faced with a tool that…

28. 10. 2022 Juergen Vigna Contribution, NetEye

Receiving and Handling Incoming SMS’s on NetEye in Tornado (Part 1/2)

Most physical NetEye servers have an SMS Gateway attached in order to send CRITICAL notifications via an SMS message, since this will work even when the main network is down. However, sometimes you just want to send messages to your NetEye server’s SMS Gateway in order to effect certain actions, for example just to check…

02. 10. 2022 Damiano Chini APM, Development, NetEye

Implementation of Distributed Tracing in Tornado with OpenTelemetry

In a previous post we showed how Distributed Tracing and Elastic APM can help Tornado administrators track down events from their generation on Tornado Collectors to the Actions they trigger in Tornado. This blog post will be more technical and will give you an insight into how we managed to implement Distributed Tracing in Tornado…

27. 04. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.22

We fixed a bug in Tornado which caused the default master tenant filter to be skipped if no satellite is configured. For NetEye 4.22 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.18.5-1

27. 04. 2022 Ajay Sharma Bug Fixes, NetEye

Bug Fixes for NetEye 4.23

We fixed a bug in Tornado which caused the default master tenant filter to be skipped if no satellite is configured. For NetEye 4.23 we updated the following packages: tornado, tornado-autosetup, tornado-common, tornado-neteye-config, tornado-dto, tornado-rsyslog-collector to version 1.19.3-1

22. 03. 2022 Tobias Goller Icinga Web 2, Machine Learning, NetEye

Performance Metrics Collection from NetEye to Elastic

Today my objective is to collect the performance metrics from various NetEye Icinga checks and write them out to Elasticsearch so I can apply Machine Learning (ML) algorithms to identify potential anomalies. This is a task that’s not possible with the open-source version of InfluxDB installed in NetEye. Moreover, this data in Elastic is used…

11. 03. 2022 Enrico Alberti Log-SIEM, NetEye

NetEye for Data Protection Officers

With NetEye 4.22 we released a feature awaited for years: the ability to reach the Elasticsearch API externally, thanks to our NGINX proxy under NetEye. This new feature brings with it a lot of use cases, but what was turning over and over in my head was the automatic process for verification of the blockchains…

02. 03. 2022 Damiano Chini APM, Log-SIEM, NetEye

Observing Events in Tornado with Elastic APM

Sometimes you’d just really like to have an overview of what happens to the Events that flow through Tornado. Where do they come from? Did they get stuck somewhere in the Collectors or in Tornado? Which Tornado Actions did they trigger? Gathering all this information from hundreds of log lines across different services (i.e., Tornado…

31. 12. 2021 Damiano Chini Development, NetEye

Tornado Monitoring and Statistics

When I’m running a service which processes a lot of data, sooner or later I start to wonder: what is the service doing? What data is it processing? This also applies to our event processor Tornado. For the Tornado Engine, the administrator may wonder for example how many events Tornado is receiving, how many actions…

29. 11. 2021 Attilio Broglio NetEye

Dynamically Manage Traps from a PowerMe UPS in NetEye’s Tornado

UPSs are critical devices that need particular attention when you’re monitoring them. Most of them are not very performant with respect to SNMP requests you send them. For this reason, passive monitoring via SNMP traps is the best solution. In this way, monitoring doesn’t burden the hardware with useless requests. In this session we’ll look…
