Version 1.4.0 of Rumble Network Discovery is now available with a host of changes. This release rolls up our post-1.3.0 work, including major updates to the command-line Rumble Scanner and support for asset syncing in Splunk. The Rumble user interface and API endpoints now support grouped queries using parenthesis in search terms. Grouped queries allow for complex filtering logic and can helpful when searching for specific types of misconfigurations.

Data transparancy is one of the key drivers of Rumble development. We do our best to ensure that any data gathered, transmitted, or downloaded is easy to view, import, export, and reprocess. Data generated by the Rumble Agent can be downloaded and reprocessed by the Rumble Scanner. Raw data from the Rumble Scanner can be imported into the Rumble Console. This data is consistently formatted and almost always backwards compatible between versions.

We are excited to announce the availability of an official Splunk Addon for Rumble! This addon uses the new Asset Sync API included in version 1.3.1 of the platform and supports two modes of operation. The New Assets Only mode will only pull in assets that have not been seen before, or could not be uniquely identified after being rescanned. The All Updated Assets mode will pull all changed assets since the last poll.

Version 1.3.0 of Rumble Network Discovery is now live with a new Organization API, support for the BACnet protocol, tons of new fingerprints, and improvements across the Rumble Console user interface. If you haven’t had a chance to try Rumble before, or would like to play with the new features, sign up for a free trial and let us know what you think! Organization API Rumble now supports a REST API tied to Organization-specific API keys.

Earlier this week, Gerry Gosselin and Eric Rioux of VertitechIT were investigating a strange result in the Rumble asset inventory; After scanning an external subnet with Rumble, they noticed that the main internet router was responding to SNMP probes on its normal address and HSRP address. The router in question had a strong SNMP v2 community as well an IP ACL on the SNMP service. Rumble still reported the router vendor, manufacturing date, and MAC address via SNMP, all unauthenticated and from the internet.