Rumble 1.6.2: Analysis Reports & The Query Library
Today’s update comes with two significant features:
Analysis Reports and the
This work brings practical analytic capabilities to the inventory data and makes it easier than ever to create and share custom queries with your team and the wider community.
Analysis Reports are now accessible via the
Explore link in the navigation menu. This section includes the three existing reports (Topology, Subnets, Bridges) and introduces two new ones.
Domain Membership report uses information gathered from the NTLMSSP responses of the SMB and RDP protocols to identify machines that are not joined to the primary domain. This report can quickly highlight unmanaged, misconfigured, and third-party systems.
Service Attribute report offers a combination of pre-built and configurable queries for unique service attributes. This report can highlight the most and least common values of a given attribute, using an optional attribute filter.
The pre-built service attribute queries cover two-dozen common and noteworthy service attributes.
This report provides one of the most interesting perspectives of a network. Looking at the top entries for a given attribute, as well as the long tail of unique entries, can highlight both the intended configuration and the exceptions in a way that is otherwise difficult to see.
This report can be run against any attribute from the
Analysis Reports page or via the Asset Detail page by clicking the icon next to an attribute name.
Keep in mind that these queries only cover Live Assets, are limited to 1,000 results, and can be a little slow depending on the number of assets involved.
The Inventory search provided by Rumble keeps getting better with each release, but can be tricky to get used to, and the right solution isn’t always obvious. To help folks become familiar with the query language and to make it easy to share useful queries, this release introduces the
Query Library. Accessible via the tab in the
Explore section, this library provides pre-built queries for common tasks and allows new saved queries to be created, imported, and exported.
Public & Private Network Connections query quickly finds any asset that might be bridging the internal network to the open internet.
If you come up with an awesome query and want to see it in the default library, please drop us a line and we can make that happen. We hope you find these updates useful and we would love your feedback.
If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think!
October 5, 2021
Rumble 2.7: New dashboard, multi-subscription Azure, AWS ELBs, Splunk add-on improvements, and faster discovery for Rumble Professional
What’s new with Rumble 2.7? User experience improvements Get insights, trends, and visualizations from your dashboard Easily navigate configuration pages for scans, imports, connections, and more Know when your connector credentials are invalid Integration …Read More
September 8, 2021
Rumble 2.6: Integrate with Microsoft Azure Cloud, identify EOL assets, self-host in offline mode, and detect more protocols
What’s new with Rumble 2.6? Synchronize your Azure VM inventory with Rumble Identify assets running end-of-life OS versions Support for NFS, PPTP, and “r” services Updates to the CrowdStrike integration Install and update self-hosted Rumble in offline mode See new …Read More
August 3, 2021
Rumble 2.5: Identify endpoint protection agents, detect wireless & mobile Internet, and scan all your EC2 accounts
What’s new with Rumble 2.5? Identify endpoint protection agents via integrations and unauthenticated scans Fingerprint wireless and mobile Internet on Windows without authentication Better fingerprinting for Windows 10 and 11, desktop/server, secondary IPs Discover …Read More