Release Notes

Red Hat Insights 2020-10

Release Notes for Red Hat Insights

Red Hat Insights Documentation Team

Abstract

These release notes highlight the latest features and improvements implemented in the Red Hat Insights application and services.
Providing Feedback: If you have a suggestion to improve this documentation, or find an error, submit a Bugzilla report at http://bugzilla.redhat.com. Select the Cloud Software Services (cloud.redhat.com) product and use the Documentation component.

Chapter 1. Introduction to Red Hat Insights

Red Hat Insights is a Software-as-a-Service (SaaS) offering, included with your Red Hat Enterprise Linux (RHEL) subscription, that provides continuous, in-depth analysis of your RHEL infrastructure to proactively identify issues across multiple included services:

  • Advisor
  • Compliance
  • Vulnerability
  • Drift
  • Patch
  • Policies

Powered by predictive analytics, Red Hat Insights gets smarter with every additional piece of intelligence and data. It can automatically discover relevant insights, recommend tailored proactive next actions and even automate tasks. Using Red Hat Insights, customers can benefit from the experience and technical knowledge of Red Hat Certified Engineers, making it easier to identify, prioritize and resolve issues before business operations are affected.

As a SaaS offering, Red Hat Insights is regularly updated and expands its knowledge base in real-time to reflect new IT challenges that can impact the stability of mission-critical systems.

1.1. Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

1.2. Required Entitlements

As of May 2019, Red Hat Insights is free, offered as part of the value of your Red Hat Enterprise Linux subscription. No additional entitlements are required to use Insights.

Chapter 2. October 2020

2.1. Red Hat Insights

This release includes the following enhancements:

SAP workload management: Red Hat Insights provides functionality and controls to assist in managing SAP workloads hosted on Red Hat Enterprise Linux. Red Hat Insights will automatically profile and identify registered hosts running SAP workloads and enable additional filtration capabilities within the Insights services around the SAP workload or SAP ID (SID). SAP-specific recommendations are available within Advisor, and additional SAP facts are available in the Drift service comparison and baseline functionalities, policy creation in the Policies service, and information available in Inventory.

Global filtration by tag, group, and workload: The results provided by Red Hat Insights services can now be filtered by workload (SAP is currently the only supported workload), Satellite host group, or custom tags created in the Insights client configuration file. The global Search tags filter is visible in the header of most pages in the Insights application UI. Once selected, filters persist across supported Insights services to provide a consistent experience and view of results. This feature is not yet enabled on all Insights services.

User access permissions: User access provides additional capabilities to support custom roles and permissions. Users with Organization Administrator (org admin) permissions can create custom roles to assign to users within their organizations. These roles are made up of one or more permissions across cloud.redhat.com and Red Hat Insights services to provide additional levels of granular control over who can do what and where.

Integrations: A new Integrations feature, located in the Insights account-level settings, enables users to configure Insights integration points such as webhooks. Users define and manage integrations that are shared on the account. Integrations are called by other services as configured in Notifications. Additional integration types will be available in the future.

Notifications: A new Notifications feature, located in the Insights account-level settings, enables users to configure notifications for all events sent from Insights services. An administrator defines and manages notifications for all users in the account. Advisor and Policies services are currently using this functionality. Other services and applications will follow.

2.2. Advisor

This release includes the following enhancements:

Enhanced systems view: The systems view is redesigned to provide additional details about the status of each host. A breakdown of recommendations by criticality, as well as robust filtration and sorting capabilities, provide an additional level of prioritization and customization. Your refined view can then be exported, in CSV, JSON, and PDF formats for sharing results with stakeholders.

Dashboard card redesign: The Advisor dashboard card is redesigned to provide clear calls to action for high-priority issues, such as critical recommendations or detected incidents. Additional statistics identify recommendations broken down by category (Availability, Stability, Performance, and Security).

2.3. Compliance

This release includes the following enhancements:

UI simplification: The Compliance UI is simplified, especially reporting.

REST API to assign systems to an existing policy: An API associates systems registered with Insights to an existing policy within the Compliance service.

Edit policy functionality: Edit policy details (business objective, compliance threshold, etc.) and assigned systems in existing Compliance service policies.

CIS policy support: Create CIS policies for Red Hat Enterprise Linux 7.9 and 8.3 systems within the Compliance service.

2.4. Vulnerability

This release includes the following enhancements:

Custom PDF reporting by CVE: The Vulnerability service enables users to create customized PDF reports. Unlike the Executive Report (also PDF), custom CVE reporting enables users to apply filters to their data set to show focused reporting based on the stakeholder audience.

Advisory information available: The Vulnerability service shows Red Hat Security Advisory (RHSA) information to enable customers to quickly determine which RHSA is relevant for a given CVE. This information links to the Insights Patch service to enable customers to better understand and remediate specific RHSAs, as needed. The ability to view advisory information in the Vulnerability service, and to remediate RHSAs in Patch, is permitted by org admins in User Access.

2.5. Drift

This release includes the following enhancements:

Tag filtering for system comparison selection: Systems can be selected for comparison using the Filter systems by tag functionality. With this capability, users can request comparison from groups of systems identified by tags (e.g. ownership, location, environment, etc).

Tags in comparisons, HSPs, and baselines: System tags are displayed when performing a comparison and can be compared between systems, baselines, and historical system profiles.

Using a historical system profile (HSP) to create baselines: Baselines can be created as a copy from a historical system profile (HSP) using the CRUD API and/or the UI. Previously, baseline creation allowed users to create from scratch, as a copy of an existing system, or as a copy of an existing baseline.

Additional system facts: For use in Drift and Policies services:

  • sap_system: indicates if SAP is installed on the system e.g. True
  • sap_sids: provides the SAP system ID (SID) e.g. A42
  • sap_instance_number: provides the SAP instance number e.g. 42
  • sap_version: provides the SAP version number e.g. 2.00.052.00.1599235305
  • tuned_profile: indicates the PCP profile currently active e.g. desktop
  • selinux_current_mode: indicates the current SELinux mode e.g. enforcing
  • selinux_config_file: indicates the SELinux mode set in the config file e.g. enforcing

UI enhancements:

  • Header and footer are now displayed on the historical system profile selector.
  • Reference is now always set as default when a baseline is added to a comparison.
  • Incomplete data are now highlighted when a reference is set on a comparison.

2.6. Policies

The Policies service includes the following enhancements:

Policies details and recent trigger history: Users can now see when policies were triggered and get a list of all systems matching the policy. Users can click on each policy link on the Policies list to access Policies Details and Recent Trigger History.

Link to policies details and trigger history added to notification email: Insights notification emails for Policies now contain a URL link to the Policy Details page that lists Recent Policy History. Users can click on the link in the email to navigate to this page. Previously users had to look up for policies manually to get their history.

Tags in Conditions for Policies: System tags are now supported in conditions for policies, in addition to system facts. System tags are added to conditions’ regular expressions using tags. <tag name> syntax (e.g. tags.owner = “Firstname Lastname”).

Policy assignment to specific system(s) using facts.fqdn: facts.fqdn is now resolving the system hostname as part of policy conditions. This means users can use this fact to ensure the policy applies to this system and/or a group of systems (e.g. ‘facts.fqdn = “<your hostname>” and <your condition>’ as a policy’s condition).

UI enhancements:

  • Fact name auto-completion is available for conditions when defining a policy.
  • Sample condition examples are now provided for conditions when defining a policy.

2.7. Patch

The Patch service includes the following enhancements:

System groups: Users can work with system groups when viewing Red Hat advisory applicability. Systems are identified by user-applied tags or identified workloads and can be grouped by one or more of those tags and workloads. For example, a user can see a list of Red Hat advisories that apply to systems running SAP workloads with a “europe-west” tag.

Package reporting: With system and applicability reporting down to the package level, users can gain greater insight into the content on their systems, identify any outliers, and have package-level remediation options. For example, a user can identify an out-of-date package and create a playbook to bring it up to the latest version without needing to find the advisory that delivered that update.

Chapter 3. More Information About Red Hat Insights

Learn more about Red Hat Insights from the following resources:

Revised on 2020-11-02 15:44:57 UTC

Legal Notice

Copyright © 2020 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.