Rumble 1.11: Taking Discovery to 11
After eleven releases and eleven months since our 1.0 launch we are happy to announce that v1.11 is live! The release adds Projects; temporary organizations that make it easy to manage one-off scans and professional services with Rumble. Also introduced in v1.11 is the ability to explore historical data, a new addon for Splunk Cloud, bulk asset changes via CSV import, over 10,000 new SNMP fingerprints, and much more!
Read on for the full list of changes since v1.10.
Rumble is licensed by Live Assets, but this isn’t a fit for all use cases, and we have been exploring alternatives. After extensive conversations with our users, we landed on Projects. Projects are temporary organizations that become read-only after 30 days and automatically expire after 90 days. If you want run one-off scans, explore different discovery options, or provide professional services to other organizations, Projects can help. Projects are available in all paid tiers and can be promoted to full organizations any time prior to the 90-day expiration. Project asset limits are equivalent to your license tier times five. If you are subscribed to the 1,000 live asset tier, Rumble supports 1,000 live assets across all permanent organizations and now 5,000 additional assets across all temporary projects.
If you want to see what a network looked like in the far past, or just last week, Rumble offers the tools for this, but loading historical scan data into new sites and organizations was clunky at best, and not the least bit intuitive. Starting with version v1.11, historical scans can be loaded into temporary projects via the Load action in the task details page for a given scan. Multiple scans (or imports) can be loaded into projects this way, allowing you to explore the data in a separate environment. We plan to explore other options for tracking and displaying asset history, but wanted to provide something easy and full-featured today. Historical data loaded into projects support all of the normal features, including per-user access control, remote APIs, inventory search, and reporting.
Rumble has a shiny new Addon for Splunk 8 and Splunk Cloud! The latest addon supports syncing assets into Splunk, with multiple inputs supported, global API key management, and optional search filters for each input. Want to track only new assets as one input? Sure thing! How about just assets with SMB protocol 1 enabled? It handles that too! Splunk Cloud users can request this addon and schedule the installation through the Splunk Cloud support portal.
Excel is often regarded as the “Second Best Tool for Anything” and this applies equally well to asset inventory. Rumble has supported CSV export from day one and is slowly adding support for CSV import as well. Rumble v1.11 can now import its own CSV export and will update matching assets with any changes to the comments or tags fields. Other fields, like OS and Hardware can be set as well, but may be overridden by the next scan.
There are hundreds of ways to fingerprint a device on the network, but none so ubiquitous as the SNMP Object ID. Rumble v1.11 rolls up over 10,000 new SNMP ObjectID fingerprints across dozens of MIBs into the biggest fingerprint database of its kind. These new fingerprints work in conjunction with existing coverage, with normalized vendor and device types, and provide even more precise device fingerprinting of SNMP-enabled equipment. Building this database required hand-editing and normalizing over 60,000 individual records, with extensive back-testing against public datasets, but the results are worth it.
Two major improvements to web screenshots were added in this release. First, non-standard Chrome installation paths on Windows are now automatically detected. Second, Rumble now takes multiple screenshots of each service, with various timing options, picking the highest quality image from the result set automatically. This process substantially reduces the number of screenshots that return a blank page or simply time out.
All Rumble scan data uploaded to and downloaded from the platform is now compressed with Gzip by default. This substantially decreases the size of scan data and helps with bandwidth-constrained environments. The Import action now supports compressed and uncompressed files while all task data downloads only return compressed data going forward. The command-line Rumble Scanner now compresses the
scan.rumble file by default.
The complete release notes for v1.11.0 can be found in our documentation
If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think!
November 2, 2021
Rumble 2.8: Synchronize your VMware inventory, import Censys scan data, and run RFC 1918 scans faster
What’s new with Rumble 2.8? Integration improvements Synchronize your VMware virtual machine inventory Import external scan data from Censys Scan, search, and self-hosted improvements Discover all RFC 1918 networks, faster Customize scan schedules with more options …Read More
October 5, 2021
Rumble 2.7: New dashboard, multi-subscription Azure, AWS ELBs, Splunk add-on improvements, and faster discovery for Rumble Professional
What’s new with Rumble 2.7? User experience improvements Get insights, trends, and visualizations from your dashboard Easily navigate configuration pages for scans, imports, connections, and more Know when your connector credentials are invalid Integration …Read More
September 8, 2021
Rumble 2.6: Integrate with Microsoft Azure Cloud, identify EOL assets, self-host in offline mode, and detect more protocols
What’s new with Rumble 2.6? Synchronize your Azure VM inventory with Rumble Identify assets running end-of-life OS versions Support for NFS, PPTP, and “r” services Updates to the CrowdStrike integration Install and update self-hosted Rumble in offline mode See new …Read More