Rumble 1.7.0: Reporting, Fingerprints, and More!
Overview
Version 1.7.0 of Rumble Network Discovery is live with big updates to reporting. The Analysis Reports
introduced in version 1.6.2 are now joined by a new Subnet Grid Report
, linked off the main Subnets Report
under the Explore
menu.
The Query Library
has been updated with small tweaks and new built-in query for finding expired TLS certificates, supported by improvements to the scan engine. The Rumble backend has been upgraded to support our larger customers as well as all of our new Starter Edition users.
The command-line Rumble Scanner now generates its own Network Bridges
and Switch Topology
reports outside of the cloud platform. For folks who want to build their own fingerprints, the command-line scanner now supports custom Recog fingerprint stores using the --fingerprints
argument and easy debugging by setting the --fingerprints-debug
boolean flag.
Subnet Grid Report
Rumble can now provide a birds-eye view of the network through the Subnet Grid Report
. The backstory on this visualization needs its own blog post, but the short version is that treating the IP address space as a grid and applying color maps based on attributes can identify interesting network properties. The Subnet Grid Report
can be found linked with a icon off of the main Subnets Report. The example below is the type
color map of a public IPv4 network.
The Rumble Scanner
The command-line Rumble Scanner now generates the Network Bridges
and Switch Topology
reports. These reports can help you understand the layer 2 topology and layer 3 segmentation of a network without having to upload the scans into the cloud platform.
These report can also be generated using previous scan data. The --import
option can be used multiple times to merge many raw scan files into a combined report.
$ rumble-scanner -o rumble-1.7.0 --import previous-scan/scan.rumble.gz
$ start rumble-1.7.0\bridges.html
More Enhancements
Alert Rules can now be limited to a specific site or all sites, depending on your preference.
Recurring scans now show the day of the week abbreviation in the user interface.
The Rumble Agent and Rumble Scanner now use version 0.9991 of npcap
.
Dashboard statistics now only account for Live Assets
.
The service timestamp fields ts
, tls.notAfterTS
, and tls.notBeforeTS
can now be queried using
time-based query operators.
Release Notes
The complete release notes for v1.7.0 can be found in our documentation at the links below.
If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think!
Similar Content
May 10, 2022
Rumble 2.13: Sync assets & software from SentinelOne, track more cloud resources, view cross-organization inventory, and schedule automated reports
What’s new with Rumble 2.13? Sync asset and software inventory from SentinelOne Explore software identified through Rumble scans Track more cloud resources from AWS, Azure, and GCP Work with your asset inventory across organizations Schedule and email the …
Read MoreApril 5, 2022
Rumble 2.12: Generate organization reports, create scan templates, synchronize GCP, and invite external users
What’s new with Rumble 2.12? Generate Organization Overview Report for stakeholders Create scan templates to simplify scan management Synchronize your GCP virtual machines to Rumble Invite external Rumble users to your account Fingerprints and protocol updates User …
Read MoreMarch 8, 2022
Rumble 2.11: Identify outliers, trace network paths, and streamline SSO user provisioning
What’s new with Rumble 2.11? Identify outliers to find misconfigurations, missing patches, and rogue devices Trace potential network paths to verify network segmentation Streamline SSO user provisioning Cloud connectors available in Rumble Professional Identify …
Read More