Rumble v1.11

After eleven releases and eleven months since our 1.0 launch we are happy to announce that v1.11 is live! The release adds Projects; temporary organizations that make it easy to manage one-off scans and professional services with Rumble. Also introduced in v1.11 is the ability to explore historical data, a new addon for Splunk Cloud, bulk asset changes via CSV import, over 10,000 new SNMP fingerprints, and much more!

Read on for the full list of changes since v1.10.

Projects for Short-Term Efforts

Rumble is licensed by Live Assets, but this isn’t a fit for all use cases, and we have been exploring alternatives. After extensive conversations with our users, we landed on Projects. Projects are temporary organizations that become read-only after 30 days and automatically expire after 90 days. If you want run one-off scans, explore different discovery options, or provide professional services to other organizations, Projects can help. Projects are available in all paid tiers and can be promoted to full organizations any time prior to the 90-day expiration. Project asset limits are equivalent to your license tier times five. If you are subscribed to the 1,000 live asset tier, Rumble supports 1,000 live assets across all permanent organizations and now 5,000 additional assets across all temporary projects.

Screenshot of New Project action Screenshot of New Project options

Projects for Historical Data

If you want to see what a network looked like in the far past, or just last week, Rumble offers the tools for this, but loading historical scan data into new sites and organizations was clunky at best, and not the least bit intuitive. Starting with version v1.11, historical scans can be loaded into temporary projects via the Load action in the task details page for a given scan. Multiple scans (or imports) can be loaded into projects this way, allowing you to explore the data in a separate environment. We plan to explore other options for tracking and displaying asset history, but wanted to provide something easy and full-featured today. Historical data loaded into projects support all of the normal features, including per-user access control, remote APIs, inventory search, and reporting.

Screenshot of Historical Task Load

Rumble Addon for Splunk Cloud

Rumble has a shiny new Addon for Splunk 8 and Splunk Cloud! The latest addon supports syncing assets into Splunk, with multiple inputs supported, global API key management, and optional search filters for each input. Want to track only new assets as one input? Sure thing! How about just assets with SMB protocol 1 enabled? It handles that too! Splunk Cloud users can request this addon and schedule the installation through the Splunk Cloud support portal.

Screenshot of Rumble Splunk Addon

Easy Annotation with CSV Imports

Excel is often regarded as the “Second Best Tool for Anything” and this applies equally well to asset inventory. Rumble has supported CSV export from day one and is slowly adding support for CSV import as well. Rumble v1.11 can now import its own CSV export and will update matching assets with any changes to the comments or tags fields. Other fields, like OS and Hardware can be set as well, but may be overridden by the next scan.

Screenshot of Excel with Asset Data

Over 10,000 New SNMP Fingerprints

There are hundreds of ways to fingerprint a device on the network, but none so ubiquitous as the SNMP Object ID. Rumble v1.11 rolls up over 10,000 new SNMP ObjectID fingerprints across dozens of MIBs into the biggest fingerprint database of its kind. These new fingerprints work in conjunction with existing coverage, with normalized vendor and device types, and provide even more precise device fingerprinting of SNMP-enabled equipment. Building this database required hand-editing and normalizing over 60,000 individual records, with extensive back-testing against public datasets, but the results are worth it.

Screenshot of SNMP Fingerprint Data

Web Screenshot Improvements

Two major improvements to web screenshots were added in this release. First, non-standard Chrome installation paths on Windows are now automatically detected. Second, Rumble now takes multiple screenshots of each service, with various timing options, picking the highest quality image from the result set automatically. This process substantially reduces the number of screenshots that return a blank page or simply time out.

Screenshot of APC Network Card

Scan Data Compression

All Rumble scan data uploaded to and downloaded from the platform is now compressed with Gzip by default. This substantially decreases the size of scan data and helps with bandwidth-constrained environments. The Import action now supports compressed and uncompressed files while all task data downloads only return compressed data going forward. The command-line Rumble Scanner now compresses the scan.rumble file by default.

Screenshot of CLI Scanner Output

Release Notes

The complete release notes for v1.11.0 can be found in our documentation

If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think!

Similar Content

Overview Rumble 1.10 is live with continuous scanning, user interface updates, an event log, updates to the scan engine, additional fingerprints, and a new way to keep recurring scans in sync with their sites! Continuous Scanning All paid plans now support a new Continuous scanning option. This will run scans back-to-back, pausing only to apply agent updates. For folks who want to keep a close eye on their networks, continuous scans bring you fresher data, faster.
Overview Rumble 1.9.0 is out with major updates to the scan engine, reports, fingerprinting, user interface, documentation, and much more! Scan Engine Folks who scan external assets using their hostnames will now see asset correlation occur using the DNS name itself. For environments where IP addresses are constantly changing (load balancers, CDNs, etc) this leads to less churn and a more accurate inventory. The Rumble Agent and Rumble Scanner now detect and automatically filter out invalid services caused by intercepting middle devices such as Fortigate firewalls and Cisco ASAs.
Overview The 1.8.0 release of Rumble Network Discovery adds Registered Subnets to Sites, increases fingerprint coverage across databases, MAC addresses, and web applications, adds support for FreeBSD, OpenBSD, NetBSD, and DragonFly BSD, and expands support for additional Linux architectures. Tagging has been updated across the platform and numerous small bugs have been fixed. Registered Subnets Sites now allow subnets to be registered with optional tags and descriptions. These subnets work in conjunction with the normal Scope and can be used to apply tags to any assets within the defined networks.