Archived Release Notes: Rumble Platform
Platform release notes
Starting with version 1.7.9 all release notes have been consolidated into one page.
- The pre-login style has been updated.
- The account registration flow has been updated to provide a smoother activation experience.
- Restricted user accounts may now be assigned roles within multiple organizations.
- Asset and Service attributes have been normalized. All keys are now camelCase and most service attributes are now prefixed by the protocol name.
- SMB v2 OS detection now applies more weight to Windows 10 versus Server 2019 in most situations.
- SMB v1 OS detection has been improved for non-Windows platforms.
- SSO now supports a default role of
No Access. Accounts created through the SSO login process with this default role must be manually promoted to a usable account role.
- Users now support a
No Accessrole for both
All Orgsand specific organizations.
- A bug preventing access to the per-account Demo Organization has been resolved. Agents and Scanner downloads for the Demo Organization have been explicitly disabled. Any agents with the Demo Organization will automatically uninstall.
- All Rumble Console confirmation dialogs now list the specific item they are confirming. This can prevent misclicks from removing the wrong item.
- A fingerprinting regression related to non-Windows machines running SMB services has been resolved. This would unintentionally classify some NAS devices as Microsoft Windows.
- ToneLoc export support in the
Subnet Grid Report.
- Cisco HSRP MAC addresses are now ignored for the purposes of asset correlation.
- Agent diagnostic information is now visible from the agent details page. This requires agent version 1.7.1 or later.
Subnet Grid Viewreport is now available (via the Subnet Report).
tls.notAfterTSservice fields can now be queried using time comparison operators.
- Scan schedules now show the day of the week for first, last, and next timestamps.
- A bug that obscured the validation error for invalid TCP ports has been resolved.
- Alert Rules can now be limited to specific Sites or All Sites.
- Dependency upgrade across the backend and frontend.
- A bug in the recurring scan limits of the Starter Edition has been resolved.
- A bug in the asset export that resulted in missing service details has been resolved.
- Rumble now supports a free tier via the Starter Edition.
- The dashboard now shows statistics for live assets only and not all assets.
- The license view now ignores demo organizations and sites in the statistics.
- The task view now represents scans pending processing more accurately.
- The Asset and Service exports now include the
service.vhostfields (if present) to make them more consistent with the Rumble Scanner
- The Analysis Reports section has been added, including the new
- The Query Library has been added, including a set of predefined common queries.
- Inventory search queries can now be saved to the
- Inventory search action buttons have been slimmed down.
- The Explore tab provides easy aceess the
- Accounts that have been temporarily locked due to failed logins may be manually unlocked by superusers from the Team page.
Data retention controls are now available on the Organization Settings page. These can be used to specify data retention periods and remove stale offline assets after a fixed period of time.
Inventory, Site, and Organization search now support exact matches with the
=prefix. An exact hostname match can be specified as
Inventory, Site, and Organization search now support matching empty fields using the
=prefix. An empty hostname match can be specified as
Inventory searches now support the
Inventory Asset and Service search now support the
Inventory Asset and Service search now support
%as a wildcard for address matching. The query
address:%.0.1will find all assets with an address ending in
A bug that prevented searches for less than one hostname has been fixed (
Active and Failed scan tasks now support the
Copyaction. Copied scans scheduled in the past will default to the current time to start.
Single Sign On users can now specify the default organization role of SSO-enrolled users.
Account lockouts are now enforced after 10 failed password-based login attempts.
- The Screenshot Inventory now sorts by address instead of port number by default.
- The Asset Inventory now allows attributes to be queried even if they conflict with a keyword by using the prefix
- The Service Inventory now allows attributes to be queried even if they conflict with a keyword by using the prefix
- Fingerprinting improvements for HTTP, X509, Telnet, SSH, FTP, and SIP.
- Scan tasks now have a configurable grace period. Setting this to zero or a negative value will result in the scheduling retrying indefinitely until an agent becomes available.
- Web services with multiple asset icons now show each icon correctly.
- A bug that prevented Sites from being imported has been resolved.
- A bug that prevented superusers from logging in directly when SSO was in required mode has been resolved.
- Asset icons are now lazy loaded as they scroll into the viewport.
- Asset icons URLs are now more cache friendly.
- Page meta tags have received small tweaks.
- This release includes major updates to the Rumble Agent and Rumble Scanner.
- The asset inventory now displays any HTTP and UPnP icons acquired during the scan.
- The asset inventory now displays an icon for assets with available screenshots.
- The inventory search no longer triggers an error on some grouped query corner cases.
- The inventory search now supports /32 masks for the
- The inventory search now treats the
typekeyword as an exact match.
- The inventory search now supports filtering based on service counts.
- The inventory search now supports filtering based on the RTT and TTL fields.
- The inventory search for services now supports filtering based on port ranges.
- The asset detail page now describes upstream and downstream layer 2 links.
- The asset detail page now lists all acquired icons in the top summary.
- The asset detail page now has a Scan action available from the menu.
- The new scan page now supports applying a list of tags to all identified assets.
- The new scan page agent selection now defaults to the first site-specific agent.
- The tasks page now allows recurring scans to be paused an unpaused.
- The console now always shows the live agent count on the navigation menu.
- The console now applies styling to the print view.
- Hostnames consisting of leading digits are now ignored when correlating assets.
- A bug that resulted in the wrong timezone being used after SSO login has been resolved.
- Scans triggered via API now default to the site scope if no targets were specified.
- Scans triggered via API can now specify a list of tags to apply to all identified assets.
- Import tasks with the wrong data supplied format are rejected before task creation.
- Completed tasks are now always shown in the order they finished (versus were created).
- A Cisco IOS fallback fingerprint was leading to false positives and has been disabled.
- The License page now lists invoices and allows payment methods to be updated.
- The SMB Server GUID attribute is now used to correlate results to assets.
- The SNMP sysName and sysObjectID attributes are now used to unmatch assets that have changed IPs or were mistakenly matched through another attribute (shared bogus MAC addresses or similar).
- A bug that could treat active agents as offline has been resolved.
- Windows agents are now limited to a single concurrent scan to avoid resource contention issues.
- Changes in source TTLs on external segments no longer disqualify an asset match during correlation.
- Cosmetic updates to email templates and task displays.
- Version 1.4.0 is a rollup of post-1.3.0 point release work.
- Scans now support specifying the SNMP v3 Context for devices that require this (CatOS).
- Scans now support the “Fast” option for the ARP probe, which is on by default in AWS VPC environments.
- Agents now support concurrent scans, with the limit configurable per-agent.
- Asset correlation avoids accidentally grouping when a forged MAC address is present in routed protocol responses (NetBIOS, SNMP, etc).
- Change reports now ignore differences in reverse DNS, hostnames, domain names, and the top-level service count.
- Recurring, scheduled, and queued tasks without an available agent will mark the task as failed after 4 hours. Recurring tasks will attempt to run scans normally during the next scheduled period.
- Scanner binaries for OEM customers now behave according to the license agreement.
- Long task names are now truncated automatically in the task list.
- The failed tasks tab now shows a longer history by default.
- Search queries can now use parenthesis to group terms, for example:
os:linux AND (port:22 OR port:80) AND NOT port:3306.
- The Export API now supports an asset sync backend with support for checkpointing based on created_at or updated_at fields.
- Version 1.3.0 is a rollup of post-1.2.0 point release work.
- The Organization API is now available.
- The Teams view is now split between members (access to all organizations) and restricted users (access to single organizations).
- Team member invitations now have a Reply-To header set to the inviting user.
- Team member invitations can now specify custom subject lines and messages.
- Active tasks are now always sorted by their start time, not their last update time.
- Tasks now always show the created by field (for tasks created or updated after v1.2.2).
- The search warnings field is now cleared after each new query.
- The search timestamp fields now default to less-than (<) if no operator is specified.
- The Active Tasks tab now offers a
Clear Queuebutton to remove all queued tasks.
- Sites and Organizations can now be sorted and searched.
- The Beta discount is officially retired.
- End of year discount is valid through 2019
- Support for BACnet is now available in new scans.
- Leading and trailing spaces in Site and Organization names are now removed.
- Many new fingerprints were added for HTTP and SIP endpoints. These may trigger asset change notifications due to improved device and service recognition.
- Network scans of segments where a device responds to all ARP requests with the same MAC address will now be handled appropriately.
- The SIP protocol is now reported properly on UDP SIP responses.
- Tasks now track which user created or last updated them.
- SSO configurations with multiple IdP x509 certificates will now validate against any certificate in the list, not just the first one.
- Version 1.2.0 is a rollup of post-1.1.0 point release work.
- Initial support for the Wireless Inventory using the new wlan-list probe.
- An encoding issue in the Inventory display of certain columns has been resolved.
- The Scan Max Group Size is now set to a reasonable default when older scans are copied.
- The Copy action will no longer create names with more than one “Copy of” prefix by default.
- SNMP v3 credentials may now be specified in the scan configuration.
- The Switch Topology report is now available from the Inventory reports menu.
- Assets that respond to SNMP enumeration of the CAM/MAC table are now automatically classified as switches.
- A bug in the email notifier has been resolved that prevented delivery in rare circumstances.
- The Network Bridges report has been optimized for improved readability.
agentinventory search term has been added. This accepts a UUID as well as the agent name.
- Email notifications for expiring, deactivating, and unused trial accounts.
- Version 1.1.0 is a rollup of post-1.0.0 point release work.
- OS detection now prefers the most granular fingerprint in the case of multiple matches.
- Stopped tasks now show in the Failed list and not the Completed list.
- Scans now support the
Max Group Sizeoption to limit the number of concurrent scan targets.
siteinventory search term now accepts a UUID as well as the site name.
taskinventory search term now shows all assets that were last updated by a given task ID.
lowest_ttlfield is no longer considered as a significant change in asset change notifications.
- A bug that led to some assets being stored with only IPv6 link-local addresses has been resolved.
- A bug that prevented OS version numbers from being tracked properly has been resolved.
- A bug that allowed hostname-based OS matching to override more reliable fingerprints has been resolved.
- Trial accounts and associated data are now automatically removed two weeks after the license period expires.
- The Network Bridges report now supports filtering using the same syntax as the Asset Inventory search.
- The Network Bridges report is now much faster, with the caveat that nodes are no longer draggable.
- The Network Bridges report now supports up to 1,000 multi-homed nodes at a time.
- The Completed Tasks view no longer shows tasks in a Cancelled or Error state (these are now listed under Failed Tasks).
- The Asset Inventory view now allows merging multiple assets into a single asset.
- Failed tasks can now be cleared via the
- The Export API now treats the Organization ID in the URL as optional.
- The Asset and Services inventory now support the
idsearch term to find assets by ID.
- The Export API now offers a list of sites in three formats (CSV, JSON, JSONL).
- The change summary titles in the task view now link to their respective sections in the body.
- A small number of typos and cosmetic improvements resolved with the web console.
- The SYN probe now retries twice if no RST is received. This improves reliability at the cost of a small increase in scan times. This can be changed by the
syn-max-retriesadvanced parameter for the SYN probe in the new scan configuration screen.
- Single Sign On support is now available for all users (SAML2). This is available the
SSO Settingsbutton on the My Team page.
- A handful of small cosmetic issues have been resolved in the web interface.
- The asset correlation algorithm now accepts looser matches for TCP/IP stack fingerprints when matching an asset by IP address. This reduces the chance of asset churn when one or more services change between scan runs.
- Scan tasks now have Name and Description fields. These can be set during task creation and updated in Recurring and Scheduled tasks. These fields are shown in the main task view right after the task type.
- Existing scan tasks can now be copied to a new scan configuration (
Copyaction in the task list). This simplifies the process of running a one-off scan from an existing recurring scan definition.
- Less common scan options have been moved to the Advanced Scan Options section, which is now visible by default in the scan configuration page.
- The Team
Managemenu now include an option to reset the security tokens of a team member (available to superusers only).
- The Sites listing now links the site name to the inventory search query. To edit the Site definition, use the
Update Siteaction from the
- A race condition was fixed that could lead to some scan tasks failing with the error
agent failed to queue task.
- Minor cosmetic improvements were applied to the console.
- A bug was fixed that caused some Scanner downloads to have a license expiration set in the past.
- The task scheduler is now more tolerant of temporary network errors when queueing scans.
- Rumble Network Discovery is out of Beta with version 1.0.0!