Release Notes
Release Notes for Red Hat Insights
Abstract
Chapter 1. About Red Hat Insights
Red Hat Insights is a Software-as-a-Service (SaaS) application included with almost every subscription to Red Hat Enterprise Linux, Red Hat OpenShift, and Red Hat Ansible Automation Platform.
Powered by predictive analytics, Red Hat Insights gets smarter with every additional piece of intelligence and data. It can automatically discover relevant insights, recommend tailored, proactive, next actions, and even automate tasks. Using Red Hat Insights, customers can benefit from the experience and technical knowledge of Red Hat Certified Engineers, making it easier to identify, prioritize and resolve issues before business operations are affected.
As a SaaS offering, located at Red Hat Hybrid Cloud Console, Red Hat Insights is regularly updated. Regular updates expand the Insights knowledge archive in real time to reflect new IT challenges that can impact the stability of mission-critical systems.
Chapter 2. February 2023
2.1. Product-wide updates
2.1.1. Published blogs and resources
- Blog post: Insights recommendations as Prometheus alerts by Tomas Remes and Tomas Dosek (February 9, 2023)
- Blog post: Using Red Hat Insights as a source of events for Event-Driven Ansible automation by Jerome Marc (February 22, 2023)
- External video: Red Hat Insights Security
- External video: Red Hat Insights Business
- External video: Red Hat Insights Operations
- External video: Red Hat Insights Openshift
2.2. Integrations and notifications
Supported government customer requirements
Email-only notifications are an option to assist you and your Information Technology team. These notifications simplify fetching user data for Notifications and removing system names from emails.
Improved user experience with email
The following actions are now available:
- Updating email templates for compliance with new User Experience Design guidelines
- Sorting recommendations based on total risk (critical to low)
- Filtering the recommendations to show only the most critical
Insights enables Event-Driven Ansible automation
2.3. Red Hat Insights for Red Hat Enterprise Linux
2.3.1. Advisor
New updates released:
2.3.2. Insights Tasks
Announcing Red Hat Insights Tasks with preupgrade analysis
You can perform simple analyses on your Insights connected hosts through Red Hat Hybrid Cloud Console. Use Insights Tasks to run a preupgrade analysis on your RHEL 7 or RHEL 8 hosts to identify and remediate known issues. Quickly assess your connected hosts and get clean reporting on next steps.
Additional Resources
Take the unknowns out of RHEL upgrades with Red Hat Insights
2.4. OpenShift Container Platform
2.4.1. Advisor
View Insights Recommendations as in-cluster alerts and in Cluster history
Advisor recommendations for OpenShift are now visible in multiple places. Reviewing these recommendations is a suggested first step when troubleshooting cluster issues. It is also wise to monitor them for potential issues. Here are several methods for monitoring:
- Use the existing monitoring stack
- Integrate Insights advisor alerts into your dashboards
- Use the cluster history tab
Risk of change
Advisor recommendations for OpenShift Container Platform now include the risk of change field. This provides you with information on the impact of changes included in particular recommendations, ranging from low (no impact to cluster and/or workload) to high (cluster outage required).
2.4.2. Cost Management
Oracle cloud infrastructure
Oracle Cloud has been added where accounts and services are aggregated. Distribution of OCI costs to OpenShift entities such as clusters, nodes and projects have not been completed. This feature is intended for Hybrid Committed Spend.
AWS customer filtered data
If you use Cost Management functionality and have a large number of systems, clusters, and third-party services this feature will be impactful for you. You can restrict how much data you share with Red Hat by filtering out specific systems, services, and other resources.
Upload existing data on operator installation
The Cost Management Metrics Operator (CMMO) gathers Prometheus metrics from the cluster and uploads them to Cost Management. Since Prometheus is configured by default to store two weeks of data, we have enhanced the operator so all data in Prometheus will be uploaded. This means if you install the CMMO on an existing cluster we will be able to provide cost information for two weeks from day 1.
This is useful for cases where you mistakenly stopped/uninstalled the Cost Management operator, or had a problem with the upgrade. This functionality eliminates all gaps.
Upgrade risk predictions
Upgrade Risk Prediction is a machine learning feature that estimates the failure rate of cluster upgrades. It also highlighs potential upgrade issues.
Chapter 3. January 2023
3.1. Product-wide updates
3.1.1. Published blogs and resources
- Blog - Red Hat Insights malware detection service is now generally available by Shane McDowell (January 10, 2023)
- Blog - New deep threat intelligence in Red Hat Insights: Helping to prioritize what matters the most with system vulnerabilities by Mohit Goyal (January 16, 2023)
- Blog - How to use Red Hat Insights malware detection service by Andre Rocha (January 23, 2023)
3.1.2. Integrations and notifications
Bug fixes and user interface enhancements
The following user interface features are now available in Notifications:
- Email templates are updated for consistency between services (on-going).
- View event log button is accessible from the Integrations landing page.
- The User Preferences page is improved and regroups instant/daily notifications and weekly report (currently available in Beta).
- Configure Integrations button is accessible on the Red Hat Insights landing page.
- Additional information about Splunk and Service Now integration is presented on the Integrations landing page.
- Deleting a behavior group now prompts a confirmation message.
- Behavior groups with long names now display correctly on the Notifications page.
3.2. Red Hat Insights for Red Hat Enterprise Linux
3.2.1. Advisor
New recommendations (not just) for Edge and containers
- Over the past two months, the team has released five rules in December and seven new rules in January, along with three edge- and container-specific recommendations under existing rules.
- Applicability of a rule candidate to an Edge host or a container is now part of the rule development process.
- We are now detecting end-of-life (EOL) products within running containers through the recommendation: Red Hat will discontinue technical support services and software maintenance services when a product running in a container reaches End-Of-Life (EOL)
3.2.2. Drift
Bug Fixes & UI Enhancements
A couple of minor bug fixes & enhancements are now available in Drift, including:
- Baselines sorting is now fixed after changing size per page
- Baseline delete fact/category modal text is updated
- The compare button on Historical System Profiles is now disabled if the list is empty
- Toast alert notifications are added when editing and exporting baselines
3.2.3. Malware detection
General Availability blog posted
We announced the general availability of the Malware Detection with a post to the Red Hat public blog: Red Hat Insights malware detection service is now generally available
3.2.4. Resource optimization
- Resource Optimization now supports RHEL 9 and the latest minor releases of RHEL 8.
Executive report v2. This new release of the resource optimization executive report is based on the past 45 days of data and includes the most-used instance types and the most-frequent suggestions based on the past 24 hours.
3.3. OpenShift
3.3.1. Advisor
Integration of Insights recommendations with cluster history
Service Log (shown under the Cluster history tab after clicking on a single cluster) is a main communication channel between Red Hat SRE and our managed-services customers.
Insights now integrates with it to raise awareness of actionable recommendations available for the cluster. Each recommendation has an event going directly to the cluster history tab and links to the advisor service for further details.
Insight Advisor recommendations as in-cluster alerts
With the release of OpenShift Container Platform 4.12, the advisor service exposes recommendations in the form of information alerts, leading users to steps required to remediate cluster problems.
This allows customers to see advisor recommendations within their monitoring stack, and the channels to monitor alerts that they have already configured for their cluster.
Health checks based on deployment validation operator and kube-linter project
A new type of recommendation has been introduced for customers of managed clusters. Cluster issues caused by improper configuration of workloads cause the majority of TOIL for the Red Hat SRE team.
The deployment validation operator utilizes StackRox opensource project kube-linter to check these configurations and report mistakes to the advisor service. Based on SRE experience, the advisor service will recommend fixes directly to customers of managed OpenShift.
This functionality is limited to managed clusters only and is brought to customers with great help from the SRE team. In the future, the functionality will be expanded to other types of customers.
3.3.2. Cost management
Bucketing “Platform costs” for OpenShift
OpenShift runs a number of kube-<something>
and openshift-<something>
projects as part of the control plane to run the cluster. This is a cost that someone, either IT or the end customers, has to pay for.
We are now providing a simplified way (a toggle button) to group all those costs together and filter them in/out. In the near future, we will allow users to include additional projects (e. g. monitoring, security, etc.) as part of the platform costs to be attributed to the workloads.
Cost of unallocated capacity
When running an OpenShift cluster, you need to be prepared for peaks, new workloads, etc, so you cannot run it at 100% of its capacity. This means the cluster will always have some unallocated capacity (typically, from 33% to 50% of the total capacity!), which has a cost that someone has to pay for.
In addition to the cost of the workload, the cost-management service now reports the cost of the unallocated capacity, so that users get a complete picture of the costs of running workloads in OpenShift and can charge that to their own customers.
Savings plan for OCP on AWS
AWS has three ways of reporting costs: blended, unblended, and amortized. In a nutshell: use amortized if you have savings plans; unblended otherwise. Blended is deprecated.
The cost-management service already supported these three modes in the AWS (per-cloud-service) view, and we have now enabled it in the OpenShift view so that project costs report the actuals when a customer is using savings plans.
This enhancement was the result of a user case.
Change distribution to resource usage for project
The cost-management service used to distribute costs in a slightly different manner depending on the grouping mode selected by the user. As a consequence, users saw one set of costs and total costs when grouping by project, and an entirely different set and total when they grouped by tag, even when that tag was in use by all of the projects of interest. While this made sense, it was confusing and hard to explain.
We have now switched to resource usage to allocate all costs, so you would see the same costs when grouping by tag or by the project.
Node and cluster costs are now also just the sum of project costs, and with the inclusion of the cost of the unallocated capacity (see above), we are now showing the same totals however the user wants to see costs.
This enhancement was the result of a user case.
Amortized monthly cost model costs
We used to show monthly costs as an upfront fee. When a cost model has a cost per cluster/node/PVC count, we used to calculate the count and attribute that cost to the first day of the month, causing a significant spike on that day.
We have now changed that to distribute those costs evenly throughout the month so that each day has an equal portion of the total cost for the month.
This enhancement was the result of a user case.
Cost Management Metrics Operator 1.2.0
This version adds the "node_role" metric to the reports, which was critical to a large defense-industry customer that uses the cost management service in disconnected mode.
The team did a fantastic job at implementing, testing, and releasing this within one month of the customer’s request.
This enhancement was requested by a user.
Chapter 4. December 2022
4.1. Product-wide updates
4.1.1. Published blogs and resources
- Blog post: Slack integration with Red Hat Insights by Jerome Marc (December 9, 2022)
- Blog post: Using system tags to enable extended security hardening recommendations by Jakub Svoboda (December 14, 2022)
- Blog post: Take the unknowns out of RHEL upgrades with Red Hat Insights Actions by Megan Meza (December 15, 2022)
- Press release: Red Hat Expands Visibility Across Hybrid Cloud Workflows with New Red Hat Insights Capabilities (December 15, 2022)
4.1.2. Integrations and notifications
Splunk certified application v0.17 is released
A new version of the Insights for Red Hat Enterprise Linux application for Splunk is now available on the Splunkbase marketplace. This version no longer requires navigating through the setup process when upgrading the application.
Bug fixes and user interface enhancements
The following user interface features are now available in Notifications:
- Endpoint URLs are inspected to reject internal IP addresses
- Slack integrations are removed from the backend when deleted
Additional Resources
- Integrations and Notifications firewall configuration: Firewall Configuration for accessing Red Hat Insights/Console.redhat Integrations and Notifications
- Splunkbase marketplace: Splunkbase marketplace
4.2. Red Hat Insights for Red Hat Enterprise Linux
4.2.1. Inventory
New filtering option for Remote Host Configuration (RHC)
A new filter enables you to list systems on console.rehat.com. This makes it easier to figure out which systems can be remediated using RHC.
4.2.2. RHC / Insights-Client
Improvements to the registration process
Adjustments were made to the registration and unregistration procedures. These changes will prevent duplicate hosts in your Insights Inventory. The specific functionality includes the following:
-
When using the
--unregister
parameter, Insights client will remove themachine-id
file. Thus, it is not possible to register the system with the same machine-id. -
The
--force-reregistration
parameter will be deprecated. To achieve the same goal (register Insights client with a new machine-id), you will need to run **Insights client--unregister
andinsights-client --register.
-
The
--register
parameter will fail if amachine-id
is present on the system and the Insights client is not registered. That should be a faulty state. To fix it you need to runinsights-client --unregister
andinsights-client --register.
-
With the
legacy_upload=True
in the client configuration file, the Insights client could be in a faulty state. When the system is not connected to RHSM and has been previously registered, it indicates that the system is registered but not confirmed by an Application Programming Interface (API). With the new change, when such a state is detected, the.registered
andmachine-id
files from the host will automatically be removed. You will need to runinsights-client --register
to be registered again. This will not affect you if you configured basic authentication.
4.2.3. Resource Optimization Service (ROS)
ROS in status.redhat.com
The availability of the resource optimization is now reported in status.redhat.com, under console.redhat.com.
4.2.4. Cost Management
New features were implemented so you can more easily understand cost metrics:
- Costs of unallocated capacity is represented (both workers and platform)
- Amazon Web Services (AWS) costs default to amortized when savings plans are involved
- Grouping by tag or project no longer causes costs to be displayed incorrectly
Chapter 5. November 2022
5.1. Product-wide updates
5.1.1. Published blogs and resources
- Blog: Sharing Red Hat Insights with your Technical Account Manager for better collaboration by Brian McCafferty (November 1, 2022)
- Blog: 5 ways Red Hat Insights can improve your sysadmin life by Joseph Tejal (November 2, 2022)
- Blog: Integrate Grafana and Red Hat Insights through APIs by Jerome Marc and Gianfranco Sigrisi (Novemberber 10, 2022)
- Blog: How we use Red Hat Insights to build better products by Radek Vokal and Tomas Dosek (Novemberber 18, 2022)
5.1.2. Integrations and notifications
Slack integration is now available in Service Preview
An integration between Red Hat Insights and Slack is now available as Service Preview. Every time Insights triggers an event, this feature forwards the event and its data to a Slack receiver and posts the message to the appropriate channel.
Splunk certified application v0.16 is released
A new version of the Red Hat Insights application for Splunk is now available on the Splunkbase marketplace. This v0.16 update includes:
- New charts in the dashboard
- New filter for organization Ids
- Bug for (null) account Ids have been fixed
- Updated Installation documentation
- Enabled Resource Optimization events
Additional Resources
- Integration configuration: Configuring notifications and intergrations on the Red Hat Hybrid Cloud Console
- Splunkbase marketplace: Splunkbase for Red Hat Insights
5.2. Red Hat Insights for Red Hat Enterprise Linux
5.2.1. Advisor
Introducing extended security hardening recommendations
Extended security hardening is a feature that allows you to designate certain systems as security-sensitive and receive additional security analysis and remediation content. Red Hat Insightsadvisor extended hardening recommendations include:
- Decreased security: Decreased security: SElinux in Permissive mode
- Decreased security: Decreased security: SELinux disabled
- Decreased security: Decreased security: kernel network settings
New recommendations for preventing kernel panics, memory leaks, and more
Insights advisor published eight new rules:
- The Berkeley Database is deprecated in Red Hat Enterprise Linux 9
- The CommVault ContinuousDataReplicator (CDR) prevents iptables NAT and other kernel modules from loading
- The iptables backend in firewalld has been deprecated in Red Hat Enterprise Linux 9
- Kernel memory leaks occur when handling Posix ACL on an EXT4 filesystem due to a kernel regression bug
- Kernel panic occurs due to race conditions on the transmit lock caused by a known bug in the bnxt_en driver on Red Hat Enterprise Linux 8
- Applications do not work normally when QProcess deadlock occurs on Red Hat Enterprise Linux 8.6
- The script hosted on /usr/libexec or any compiled executable script is prevented from running because of incompatibility between fapolicyd and falcon-sensor kernel modules
- A privileged container running on a different Red Hat Enterprise Linux version host is not compatible
5.2.2. Vulnerability
OpenSSL vulnerability addressed
Red Hat Product Security Intelligence identified CVE-2022-3602 and CVE-2022-3786, which are vulnerabilities in the OpenSSL cryptographic library. This resolution prevents a denial of service. A link to Insights Vulnerability appears on the top of the bulletin, RHSB-2022-004 for the OpenSSL vulnerability. Insights Vulnerability displays, detects and remediates CVE-2022-3602 and CVE-2022-3786 autonomously, without hand-written Insights rules or hand-written Ansible playbooks.
Additional resources
- OpenSSL vulnerability: OpenSSL vulnerability RHSB-2022-004
5.2.3. Compliance
Policy wizard improvements:
- Links have been added to simplify rule creation
- Reset to default link available
- View policy rules link will open a new browser window for optimal viewing
5.2.4. Malware
Red Hat Insights malware detection is now generally available
The Red Hat Insights for Red Hat Enterprise Linux malware-detection service is a monitoring and assessment tool that scans RHEL systems for the presence of malware. The malware-detection service incorporates YARA pattern-matching software and malware-detection signatures. Signatures are provided in partnership with the IBM X-Force threat intelligence team working closely with the Red Hat threat intelligence team.
Additional Resources
- Malware product documentation: Assessing and Reporting Malware Signatures on RHEL Systems with the Insights for RHEL Malware Service
Chapter 6. October 2022
6.1. Product-wide updates
6.1.1. Published blogs and resources
- Blog: Introducing Red Hat Insights integration with ServiceNow by Jerome Marc (October 12, 2022)
- Blog: Red Hat OpenShift security portfolio grows with new Red Hat Insights Vulnerability service by Mohit Goyal and John Spinks (October 19, 2022)
- Blog: Edge-compatible recommendations now available in Red Hat Insights Advisor by Stefan Bunciak and Jaylin Zhou (October 31, 2022)
6.1.2. Integrations and notifications
Service Preview of Flow Templates for the Red Hat Insights application is now available on ServiceNow Store
Flow Templates for Red Hat Insights, an application that facilitates ingestion and handling of Insights events, is now available in Service Preview. The certified application is available for download in the ServiceNow Store at Flow Templates for Red Hat Insights.
Flow templates for Red Hat Insights help you:
- Configure the forwarding of Insights events to ServiceNow in a quick and simple way
- Automate workflows and processes based on Red Hat Insights triggers
- Embed Red Hat Insights into existing corporate tooling, workflows and processes
- Reduce development costs by providing a library of reusable actions
- Correlate Insights findings and data from other sources in ServiceNow
Additional Resources
- Certified application: Flow Templates for Red Hat Insights in ServiceNow Store
- Red Hat Blog post: Introducing Red Hat Insights integration with ServiceNow
- Product Documentation: Installing and configuring Flow Templates for Red Hat Insights
- Red Hat Webinar (on-demand): Integrate system data and Insights knowledge into your existing tools and processes
New notification event from the inventory service
The inventory service is now triggering Insights events. When a data upload from a host is rejected, a Validation Error
Insights event is triggered with all relevant data, and handled according to the configured Behavior Group. This may be useful for further troubleshooting missing hosts from the Inventory.
6.2. Red Hat Insights for Red Hat Enterprise Linux
6.2.1. Advisor
Recommendations are now compatible with RHEL for Edge
All existing rules are fully compatible with RHEL for Edge, including tailored remediation steps. You can find more details in the blog post, Edge-compatible recommendations now available in Red Hat Insights Advisor
New recommendations released
-
The
abrtd
process causes a high CPU usage due to a known bug - Container is running from a RHEL image which is not supported on this RHEL version host
- NICs on Azure VMs encounter high network latency issue due to a known issue in the NETVSC driver
- The Hyper-V 2019 VMs network throughput performance is impacted if the large-receive-offload (LRO) feature is disabled on hv_netvsc interfaces
- Decreased performance occurs when Satellite is running with a large logs table in the foreman PostgreSQL database
- System performance loss occurs on a dynamic memory-enabled Hyper-V virtual machine when excessive log messages are produced by the Hyper-V memory ballooning module
- Unsupported vCPU and memory usage in Virtual Machine on Red Hat Enterprise Linux with KVM
-
The
sshd
service fails to start when the permissions of host key files are too open -
The
httpd
service will fail to start due to a missing mod_http2 dependency symbol provided by the httpd package
The First impacted column shows the date the rule started impacting a system
Until now the prominent date in the advisor service was the publish date. In response to user feedback indicating that the publish date is confusing, the advisor service UI contains a new column in the list of impacted systems to highlight the date when a rule started impacting a system. This adds value to your advisor service experience because it communicates the relationship to your environment and shows correlation with other events (for example, a noticeable performance drop).
6.2.2. Vulnerability
Security Rule for Retbleed added to Red Hat Insights Vulnerability
A new security rule brings advanced Retbleed vulnerability detection to Red Hat Insights Vulnerability (CVE-2022-29900/CVE-2022-23816, CVE-2022-29901, CVE-2022-23825). Although Retbleed was not a major Incident, it remains an extremely complex vulnerability that can, if left unresolved, result in information disclosure, similar to the Spectre v2 incident.
6.2.3. Compliance
Updating existing policies within Insights Compliance is now easier
Some enhancements have been made to the Insights compliance service to make the process of editing policies post-initial creation easier by delivering in-line editing capabilities.
6.2.4. Drift
Bug fixes and UI enhancements
A couple of small bug fixes and enhancements are now available in the drift service, including:
- Email notifications now have personalized greetings
- A Drift analysis administrator role is now included in the Default Admin Access group. Additional information about the role is available in a Knowledge Base article, Insights Drift — improvements to role-based access control.
6.3. OpenShift Container Platform
6.3.1. Cost Management
Currency support
Cost Management now handles accounts in all of the major currencies supported by hyperscalers.
When costs in different currencies are aggregated, values will be converted using XE.com for the instantaneous exchange rate and also correctly added up. You can also display costs in any of the supported currencies, no matter what the original currency is. Currency support is available everywhere: every page, every chart, and every report.
Marketplace services reported using name instead of hash
An enhancement now reports marketplace services by name, instead of the previous hash provided by hyperscalers that was difficult to understand.
This enhancement affects: Red Hat OpenShift Service on AWS (ROSA), Azure Red Hat OpenShift (ARO), OpenShift Data Foundation (ODF), Red Hat Enterprise Linux (RHEL) on Azure, and third-party marketplace services.
6.3.2. Red Hat Insights Vulnerability for OpenShift
Red Hat Insights Vulnerability for OpenShift is now Generally Available (GA)
New functionality is available to help you manage the security of your Red Hat OpenShift Container Platform infrastructure through using the new vulnerability service for Insights for OpenShift. The first iteration of the service provides you with a similar user experience as your Red Hat Insights for Red Hat Enterprise Linux vulnerability service experience. The blog article, Red Hat OpenShift security portfolio grows with new Red Hat Insights Vulnerability service provides additional context and use cases that are covered by the service and also describes how it compares and contrasts with Red Hat Advanced Cluster Security (ACS) for Kubernetes. You can access this new service at Red Hat Hybrid Cloud Console > OpenShift > Vulnerability > CVEs.
Chapter 7. September 2022
7.1. Product-wide updates
7.1.1. Published blogs and resources
- Blog - Red Hat Insights Advisor pathways will guide you towards a healthier hybrid cloud by Stefan Bunciak (September 16, 2022)
- On-Demand Webinar - Integrate system data and Insights knowledge into your existing tools and processes by Jerome Marc & John Spinks (September 14, 2022)
7.1.2. Integrations and notifications
New notification events from integrations and resource optimization
Integrations and Resource Optimization services are now triggering Insights events:
- One new event for Integrations: Integration disabled (see below)
- One new event for Resource Optimization: New suggestion
Integrations are now disabled after 10 consecutive failed attempts and/or one client error
Integrations failing for 10 consecutive attempts (5xx) and/or one client error (4xx) are now disabled, and a new Integrations disabled event is triggered from the Integrations service. In turn, this prompts a notification email to go out to the organization administrator of the account (default behavior group on integrations disabled event).
7.2. Red Hat Insights for Red Hat Enterprise Linux
7.2.1. Remote host configuration (RHC) and the Insights client
Un-registration improvement
When unregistering a client using the insights-client
command, the machine-id file is now removed to prevent duplication scenarios with VM cloning, etc. This was completed as of an RFE via BZ 1919570.
7.2.2. Advisor
New recommendations released
We added nine new rules, including a kernel panic hashtab rule that resulted in over 17,000 rule hits and an rsyslog “Max Open Files” rule that resulted in over 2,000 rule hits.
- The ipset and iptables-nft packages have been deprecated in Red Hat Enterprise Linux 9
- The digest produced by SHA-1 is not considered secure so the installation of RPM packages signed with SHA-1 is considered unsafe
- RHEL 9 hosts newly provisioned via Red Hat Satellite 6.11 always boot into emergency mode
- Kernel panic occurs when a file on a NFSv4 filesystem is opened by multiple processes concurrently due to a kernel bug
- System boot failure occurs when grubenv content is invalid
- The systemd automount shares hang on autofs4_expire_wait
- New ssh connection attempts get refused when the number of concurrent unauthenticated connections reaches the configured "MaxStartups" value
- Kernel panic occurs due to the hashtabs allocation failure caused by a known bug in the RHEL 8 kernel
- The rsyslog service fails to start when the number of journal files reaches the configured "MaxOpenFiles" value
7.2.3. Malware detection (beta)
Yara RPMs included in RHEL 8 and 9 beta appstream
The Yara RPMs are now available in the appstream repositories of both the RHEL 8.7 and RHEL 9.1 beta releases. On a RHEL 8.7 or 9.1 beta install, setting up Malware Detection is now as easy as running:
[root]# dnf install yara [root]$ insights-client --collector malware-detection
7.2.4. Subscription services
Support for Red Hat Satellite and Satellite Capsule Server
The Subscriptions service recently added support for Red Hat Satellite and Satellite Capsule Servers. You can now see the usage of these two products to aid you in understanding your deployments and assist in planning for any upgrades or architectural changes.
Support for the Developer Subscription for Teams is now available
The Subscriptions service has added support for Red Hat Developer Subscription for Teams. Users of this subscription will see an increase in their subscription capacity for Red Hat Enterprise Linux as of 27-Sep-2022. You can view your usage of this subscription type by filtering with the Usage > Development/Test option on the RHEL product page.
7.2.5. Resource optimization
New-suggestions notification
The Resource Optimization service can now generate daily notifications when new suggestions are available. When receiving notifications over e-mail, a link to view new suggestions in Insights is included.
7.3. OpenShift Container Platform
7.3.1. Cost Management
GCP enhancements
Optimizations went into the GCP backend, making it much faster and able to ingest more data.
7.3.2. Vulnerability for OpenShift (beta)
Vulnerability for OpenShift is in beta
The Insights Vulnerability for OpenShift service is in BETA. In the first iteration of this service, we have started laying down the foundation for enabling users to assess and prioritize vulnerability exposure of their OpenShift clusters at the infrastructure level. Over time we will be building out this service further to enhance the management and security of OpenShift infrastructure and are collaborating with the OpenShift teams to ensure a comprehensive user experience, including integration with Red Hat Advanced Cluster Security (ACS) for Kubernetes.
Chapter 8. August 2022
8.1. Product-wide updates
8.1.1. Published blogs and resources
- Blog - Red Hat Satellite: How to obtain Insights Advisor recommendations by Matthew Yee (August 8, 2022)
- Blog - Implementing security benchmarks with Red Hat Ansible Automation Platform by Ally Kouao (August 10, 2022)
- Blog - Streamlining IT security operations with Red Hat Insights and Red Hat Satellite by Ally Kouao (August 17, 2022)
- Blog - Getting started with Red Hat Insights malware detection by Shane McDowell (August 22, 2022)
- Blog - Turning interesting times into normalcy: The constant value of a Red Hat subscription by Gunnar Hellekson (August 23, 2022)
- On-demand Webinar - Integrate system data and Insights knowledge into your existing tools and processes by Jerome Marc & John Spinks (September 14, 2022 at 12pm EST)
8.1.2. Integrations and notifications
New notification events from Malware and Cost Management
Malware and Cost Management services are now triggering Insights events:
- One new event for Malware: Detected Malware
- Two new events for Cost Management: CM Operator Stale Data, and Missing OpenShift Cost Model
Bug fixes and UI enhancements
A few small bug fixes & enhancements are now available in Notifications, including:
- The list of Behavior Groups in the Settings > Notifications screen is now displayed horizontally rather than vertically to facilitate a better experience working with the growing list of notifications.
- A banner appears in the Integrations and Notifications screens to prompt you to switch to beta and benefit from the new Splunk integration (currently in Service Preview).
A new version (v0.15) of the Red Hat Insights application is now available on Splunkbase: additional events are handled in the Events table (Malware, Patch, and Vulnerability) and the dashboard now has a Security section.
8.2. Red Hat Insights for Red Hat Enterprise Linux
8.2.1. Remote host configuration (RHC) and the Insights client
RHC manager updated UI
The RHC Manager configuration UI introduces a new option that allows you to disable the management of configuration sent to the host. This allows you to benefit from the Insights remediation features via RHC, while having the possibility to manage your Insights configuration with your internal solution.
8.2.2. Advisor
Pathways (GA)
After several months of hard work by Advisor engineering, Insights front-end team, UXD team, CEE Insights rule development team, and many others, we’ve promoted pathways from beta to the Insights production environment for general availability. It’s a huge milestone and a great added value for large-scale customers looking to address as many of our recommendations as possible. The most impactful pathways are highlighted on the Advisor main page, along with the new pathways tab in the recommendations table.
Performance improvements for Satellite / Advisor integration
There is improved the performance of the integration between Satellite and Advisor, which improves the responsiveness when you view Advisor results in the Satellite interface.
Newly developed recommendations
Seven new rules were released in August. A key one to highlight is the Decreased security when "sudo" is not configured as per the best practice of SAP as a result of Red Hat Enterprise Linux Security Hardening Guide for SAP HANA 2.0 analysis along with the following additional recommendations released:
- Non-root partitions created on LVM would disappear in the cloned VM or restored snapshot on Nutanix AHV or Azure platforms
- The GFS2 journal log flushing causes applications to write to the filesystem with long pauses or stalls when dirty data is written back to the underlying disk on large memory systems
- SAN disks cannot be recognized correctly when the problematic package sg3_utils is installed
- The audit messages are lost during system booting because many rules are defined and the backlog limit is exceeded
- The rsyslog service consumes CPU extremely and fails to log messages when using remote TLS reception
8.2.3. Patch
Support for 3rd-party package updates
System package views now support the display of 3rd party package updates. Third-party packages are defined as any package from a repository that is not on the Red Hat CDN. This could include vendor repositories, custom rpm repositories, or locally-synced-and-renamed Red Hat repositories. To see these results, your host must be running RHEL 7, RHEL 8.6+ or RHEL 9, and it must maintain a fresh yum/dnf cache.
8.2.4. Malware detection (beta)
Malware-detection blog post
We published a blog post announcing the public beta of the Malware Detection service: https://www.redhat.com/en/blog/getting-started-red-hat-insights-malware-detection.
8.2.5. Resource optimization
Insights tour
Resource Optimization has been added to the Insights Product Tour:
8.3. OpenShift Container Platform
Conditional OpenShift updates
The feature, working based on Insights data, is now generally available as part of OCP 4.11. This feature provides more protection against upgrade failures caused by cluster conditions. More info is available on this blog.
Health checks
The fleet of health checks has grown again. It currently features 224 internal checks, 81 external ones, and 31 aimed at OpenShift Container storage.
8.3.1. Cost Management
Notifications
Cost Management added two notifications:
- Missing OpenShift Cost Model. This notification is triggered when there is an OpenShift Source with no assigned Cost Model, which means Cost Management has a way to distribute the cost.
- Cost Management Operator Stale Data. This notification is triggered when the Cost Management Metrics Operator has not sent data for more than seven days.
8.3.2. Vulnerability for OpenShift (beta)
Announcing beta availability
The Insights Vulnerability service for OpenShift service is now available in beta. In the first iteration of this service, we have started laying down the foundation for enabling users to assess and prioritize vulnerability exposure of their OpenShift clusters at the infrastructure level. Over time we will be building out this service further to enhance the management and security of OpenShift infrastructure and are collaborating with the OpenShift teams to ensure a comprehensive user experience, including integration with Red Hat Advanced Cluster Security (ACS) for Kubernetes.
Chapter 9. July 2022
9.1. Red Hat Insights for Red Hat Enterprise Linux
9.1.1. Advisor
Displaying Satellite-managed systems in Insights Advisor by default
You no longer have the ability to hide Satellite-managed systems in Advisor because all accounts were changed to show these systems in the Advisor application by default. This feature had previously resided under Settings - Applications - Advisor: Show Satellite-managed hosts. See the Displaying Satellite-managed systems in Insights Advisor by default - Red Hat Customer Portal knowledge article for additional information.
Disabled recommendation in response to the retbleed vulnerability
Product Security analysis showed that the new Retbleed vulnerability could be exploited on some systems when retpoline is enabled. In response, Red Hat Insights disabled an existing performance recommendation that encouraged using retpoline as mitigation for Spectre v2.
9.1.2. Compliance
RBAC update, new roles, etc.
The compliance service now supports granular permissions along with two canned roles that are provided: The Compliance Admin role and the Compliance read-only role. With the release of this feature, you can grant custom-level permissions per your organizational needs. See the Insights Compliance — improvements to role-based access control - Red Hat Customer Portal knowledge article and Insights Compliance - upcoming improvements to RBAC - Red Hat Customer Portal discussion for additional information.
Improvements to PDF reports
Significant updates were made to the PDF reports within the compliance service to handle large amounts of data. Because larger organizations are adopting the service, this is a necessary step that improves the overall experience.
9.1.3. Drift
Bug fixes and UI enhancements
A couple of small bug fixes and enhancements are now available in Drift, including:
- Global filtering is now set correctly in the system selection modal
- Sort on baseline facts is now available
- All tables now have sticky headers (headers are kept on the page when scrolling down)
9.1.4. Insights client and Remote Host Configuration (RHC)
RHC single-step registration
With the rhc client, you can now register systems to both Red Hat Subscription Management (RHSM) and Insights for Red Hat Enterprise Linux using the # rhc connect
command.
Additional steps might be required to configure the remediation functionality. See the Registering your host using RHC knowledge article for additional information.
9.1.5. Malware detection (public beta)
Red Hat Insights has published additional malware detection signatures, bringing the total number of signatures to 170. In addition to the additional signatures you can get additional context to help educate you about the potential impacts of matching those signatures. You can now see information about the type of malware the signature represents, and you can link to background discovery information and analysis reports provided by IBM X-Force.
9.1.6. Notifications and integrations
New wizard for creating and editing notifications behavior group(s)
Behavior group(s) creation and association of events now follow a step-by-step wizard. This provides additional functionality, such as associating multiple events to a behavior group at once (including selecting all events). This wizard is also used when editing an existing behavior group.
New notification events from vulnerability, patch, and compliance services
In addition to Advisor, Drift, and Policies, new events are now triggered from vulnerability, patch and compliance services. These events can be used for email and webhook notifications and with our Splunk integration, which was released last month. These new events are:
- 4 new events for Vulnerability: New vulnerability with CVSS >= 7.0, Any vulnerability with a known exploit, New vulnerability containing Security rule, and New vulnerability with Critical Severity
- 1 new event for Patch: New advisory
- 2 new events for Compliance: System is non-compliant to SCAP policy, and the Policy report failed to upload
9.2. Red Hat Insights for Red Hat Ansible Automation Platform
Impact of Ansible packaging changes on Insights
Ansible recently announced some changes to their packaging with Ansible Engine and Ansible Core. The details of these changes and how they impact RHEL and Insights can be found in the Updates to using Ansible in RHEL 8.6 and 9.0 blog post. The implications of this change required some updates to how Insights works with Ansible, specifically ensuring Red Hat’s continued support of those use cases that may use the modules that were removed from the Ansible core package. Insights now packages the modules that were removed from Ansible core, but using these modules now requires the use of Remote Host Configuration as documented in the Insights Remediation knowledge article.
Chapter 10. June 2022
10.1. Red Hat Insights for Red Hat Enterprise Linux
10.1.1. Blogs and resources
- Improved analysis of IBM Power environments with Red Hat Insights by Stefan Bunciak and Thorsteh Hesemeyer (June 1, 2022)
- Save time and money with Red Hat Insights Compliance reporting by Mohit Goyal and Marley Stipich (June 14, 2022)
- Red Hat Insights launches new recommendations to keep Application Streams running by Stefan Bunciak (June 21, 2022)
- Introducing Red Hat Insights integration with Splunk by Jerome Marc (June 23, 2022)
10.1.2. Compliance
Support for RHEL 9
With the release of RHEL 9, the compliance service has also added the ability to deploy OpenSCAP policies for RHEL 9 systems.
Alerts and Notifications
The compliance service now supports the ability for users to subscribe to various events that may require immediate attention. The ability of Insights to alert users when these conditions are triggered makes for efficient and effective processes. The details of how this feature works is described in detail in a new blog that was released: Save time and money with Red Hat Insights Compliance reporting by Mohit Goyal and Marley Stipich (June 14, 2022)
10.1.3. Notifications and integrations
Service preview of Red Hat Insights application for Splunk is now available on Splunkbase marketplace
Insights for Red Hat Enterprise Linux extends its ecosystem and integration capabilities by providing a bespoke Splunk application on the Splunkbase marketplace. This new feature facilitates ingestion and visualization of Insights events in Splunk and provides a quick, simple and secure path to drive Red Hat Insights adoption.
Red Hat Insights application for Splunk helps you:
- Quickly and simply configure the forwarding of Insights events to Splunk
- Visualize and explore Insights findings with a customizable dashboard and table
- Correlate Insights findings and data from other sources in Splunk
- Navigate back to Red Hat Insights from Splunk to get more details and remediations
- Embed Red Hat Insights into existing corporate tooling and processes
See the following additional resources for more information:
New alert for Update to RBAC default access group
default behavior group
A new Update to RBAC default access group
default behavior group is provided by default in each account, allowing Org. Admin users to receive updates on RBAC changes when a new role is added, removed, or updated. In order to receive those updates, each admin user needs to be subscribed to RBAC events in User Preferences.
Bug fixes and UI enhancements
A couple of small bug fixes and enhancements are now available in Notifications, including:
- Tables in Integrations and Event Log screens are now displaying relative time
- Event Log is now gated behind notifications:events:read permission
- A couple of UI issues are now fixed in the Splunk configuration wizard
10.1.4. Resource optimization
Executive report
The Executive Report provides executive decision makers with a summary of the status of their RHEL infrastructure, including system performance and the most common issues on non-optimized systems. It is available as a PDF. Because it targets users who may not be familiar with the exact terminology used by the resource optimization service, it includes a brief definition of those terms. This adds to the system list report and the historical data view previously introduced. These reports target our operations users. More enhancements to the executive report will be released soon.
UI enhancements
The Last Seen date in inventory has been replaced by Last Reported (last time Resource Optimization metrics from the client were received) in the system details page.
10.1.5. Vulnerability
Granular permissions support (RBAC)
The vulnerability service now supports granular permissions along with two canned roles that are provided: The Vulnerability administrator role and the Vulnerability viewer role. With the release of this feature, you can grant custom-level permissions per your organizational needs.
10.2. Red Hat Insights for Red Hat OpenShift
10.2.1. Advisor
Insights Operator conditional gathering - service for update of conditional gatherers
The developed service enables Insights Operator to be remotely updated with new conditional gatherers that will trigger additional data collection in case a condition triggers it. This enables new types of recommendations to be created while still limiting the collected data set to be as minimal as possible.
Analysis of Hypershift clusters
Hypershift architecture changes the behavior of the monitoring stack. As part of the feature, verification and adjustments to enable the architecture occurred so you can receive our recommendations.
10.2.2. Cost management
Default admin group
The "Cost Administrator" is now included as part of the Default admin group in User Access.
10.3. Other Red Hat Insights-related updates
10.3.1. Subscriptions
Subscription Inventory
The subscriptions service now provides an Subscription Inventory page (Beta) so that you can identify your purchased subscriptions.
Activation Keys
Activation keys (which are used to connect systems in lieu of username/password) are now available at console.redhat.com, and will include new features such as the ability to set System Purpose attributes. The activation key UI at RHSM is deprecated and will be removed in a future release.
Chapter 11. May 2022
11.1. Red Hat Insights for Red Hat Enterprise Linux
11.1.1. Advisor
Export of systems impacted by a recommendation
When viewing the details of an advisor recommendation, you can click the Export data icon to download a list of systems impacted by that recommendation. The list is available in CSV and JSON formats.
Ten new advisor recommendations
The advisor service released ten new recommendations. A few recommendations to note are:
- IBM Power system experiences low reliability and availability with unsupported RHEL release--detecting unsupported RHEL version on IBM Power system
- IBM Power systems experience low reliability and availability with a firmware which is End of Service Pack Support (EoSPS)--detecting unsupported firmware on IBM Power systems.
- The postgresql database performance decreases when the tuned best practices are not applied--to assist with applying tuned profile when running PostgreSQL DB.
- Systems will experience low reliability and availability with unmaintained or disabled hardware devices--to alert when using deprecated and/or unmaintained hardware.
11.1.2. Compliance
Alerts and Notifications
The compliance service now supports the ability to receive alerts and notifications, which are sent when certain conditions are met. This functionality includes the ability to be notified when systems fall below a specific compliance threshold or when they fail to report. This feature makes it easier for you to keep track of both your compliance status and program. Set these new alerts in the Red Hat Hybrid Cloud Console > Settings > Notifications > Red Hat Enterprise Linux menu.
11.1.3. Drift
Drift dashboard updates
- You no longer have the option to get 90 days of event history.
- The dashboard now contains an announcement message encouraging the setup of baselines notifications.
11.1.4. Inventory
Inventory filters and indicators for systems without the Insights-client installed
Filter your inventory to show systems with, or without, the Insights client installed. Systems without the Insights client installed display a visual indicator,
, making it easier to identify and install the Insights client on those systems.
Global filtering for Ansible Automation Platform and Microsoft SQL Server
Red Hat Insights now provides support for global filtering of two additional workloads: Ansible Automation Platform and Microsoft SQL Server. This support enhances the existing SAP workload capabilities released in 2021. You can access these workloads under the “Filter by Status” functionality located in the top bar.
11.1.5. Notifications and integrations
Set User Access groups as recipients of email notifications
You can now use custom User Access groups on your account as recipients for email notifications. In addition to the option of sending the notifications to just administrators, or to all members of the group, the recipient list for email notifications can include User Access groups and target a specific list of users, as defined in User Access for your account. Notifications administrators can now create and assign targeted Behavior Groups based on their User Access configuration.
Additional upgrades
- New events from the compliance service are now handled (see the Compliance section above)
- Filtering by Action Type and Action Status are now available in the event log.
- Filtering by Application in event log now allows you to collapse or expand the subcontents.
11.1.6. Patch
With the beta release of patch sets, you can show the patch status for your systems, up to the date that matches your organization’s patching policy. Patch sets do not affect yum/dnf operations on the system, but they allow you to refine your patch-status reporting in Red Hat Insights and can be used to create remediation playbooks for simple patch cycles.
You can access the beta release of patch sets at Red Hat Hybrid Cloud Console > Red Hat Enterprise Linux > Red Hat Insights > Patch > Patch Set.
11.1.7. Policies
Microsoft SQL Server (MSSQL) facts autocompletion in conditions builder
Microsoft SQL Server facts that are collected as part of a system profile are now shown in policies and can be used to create conditions and send notifications about MSSQL workloads.
11.1.8. Resource optimization
Access to the resource optimization service is now available on the Red Hat Insights dashboard
The resource optimization service is now available on the Insights overview dashboard. You can locate, access, and get started with the resource optimization service much easier.
RHEL version displayed in two new ways
The operating system (OS) version is now displayed in the system list and system details views, where it can be sorted and filtered. OS information is also available from the API.
11.1.9. Vulnerability
New dashbar in CVE list view
The vulnerability service has a new feature called the dashbar which appears at the top of the CVEs page. The dashbar aims to help prioritize and navigate findings easier by showing the number of, and links to, CVEs that are typically associated with higher risk to your enterprise. You have easier visibility and access to CVEs with:
- known exploits
- security rules
- critical severity
- important severity
The dashbar will also contain alerts about high-priority CVEs, when needed to increase visibility and awareness of a CVE’s potential threat.
Chapter 12. November 2021
12.1. Red Hat Insights for Red Hat Enterprise Linux
12.1.1. Product Wide Updates
This release includes the following enhancements:
Remediation with Insights and Red Hat connector
With the release of RHEL 8.5, you can connect your system using the Red Hat connector utility. The Red Hat connector utility consists of a command-line interface and daemon that enable users, within the Insights for Red Hat Enterprise Linux application, to execute Insights remediation playbooks directly on the host (console.redhat.com/insights). For more information, refer to the Red Hat Connector Configuration Guide.
12.1.2. Advisor
This release includes the following enhancements:
RHEL minor version visible in systems and inventory lists
In advisor service systems lists, users can see the RHEL minor version running on each system. In the general and recommendation-specific systems lists, users can filter by the OS minor version to allow customers to quickly narrow down the list of affected systems by the version of RHEL they are interested in.
Advisor event notifications
The advisor service enables the notifications functionality on the Red Hat Hybrid Cloud Console platform. This feature enables notifications administrators to define notification behavior groups and integrations so users can more easily monitor for advisor service and OpenShift events. Triggered events are handled based on the Notifications configuration at the account level (for example, email alert & summary, or integration with webhooks).
The advisor service has two event types that trigger notifications for users subscribed to receive them. In addition to the New recommendation event, a new Resolved recommendation event triggers notifications when a system checks in and advisor notices that a previously existing recommendation is resolved.
For more information about leveraging advisor service notifications in a self-healing infrastructure, read the following proof-of-concept blog post: Self-healing infrastructure with Red Hat Insights and Ansible Automation Platform
Microsoft SQL Server workload management
Red Hat Insights now provides functionality and controls to assist in managing Microsoft SQL Server workloads hosted on Red Hat Enterprise Linux. Red Hat Insights automatically profiles and identifies registered hosts running SQL Server and enables additional filtration capabilities within the Insights services. SQL Server-specific recommendations are available within Advisor, and additional SQL Server facts are available in the drift service comparison and baseline functionality, policy creation, and information available via Inventory. Red Hat Insights can be further extended through integration with the Microsoft SQL Assessment API, providing additional detection and recommendation capabilities.
Onboarding tour
An onboarding tour will help visitors and new advisor-service users navigate the application and understand its basic workflow, from identifying the most critical issue in a RHEL infrastructure to creating a remediation playbook to resolve it. To view the onboarding tour, visit the Insights Resource Center (light bulb in bottom right corner) in the advisor service application.
Visual enhancements
- Sticky headers and compact spacing in System and Recommendation tables
- Incident labels and filter in systems page
New recommendations
Red Hat Enterprise Linux
- More than 80 new recommendations have been added to the Insights for Red Hat Enterprise Linux advisor service. The main new recommendation themes are focused on Ansible Automation Platform & Microsoft SQL Server.
- As part of continuous maintenance of the recommendations archive, we have also reviewed and retired more than 80 recommendations.
Ansible Automation Platform
- We have introduced 10 new recommendations focused on improving the operational experience of Ansible Controller hosts. You can view these recommendations under a new featured advisor service topic, Ansible Automation Platform, in the Insights for Red Hat Enterprise Linux advisor service UI.
OpenShift
- Ten new OpenShift recommendations focused on storage and networking configuration, and user and certificate management, were added to the advisor service.
Insights-operator improvements for OpenShift
Insights operator now leverages conditional data gathering, which reduces the size of the insights-operator archive while allowing the Insights for Red Hat Enterprise Linux application to collect specific information only when really needed.
12.1.3. Compliance
This release includes the following enhancements:
In-service tag filtering
The compliance service now supports filters within various views specific to the compliance service. Unlike global tag filtering (Filter by status) available throughout the Insights for Red Hat Enterprise Linux application, compliance service tags are set within systems list views; for example, in report details for a policy, policy details Systems tab, and in the Compliance > Systems page.
PDF report by policy
A PDF report is now available for policies that executed successfully and reported status. This report makes it easier to share results of scans with auditors, risk and compliance teams, or others within the organization. Users will have some control on the sort of data they would like to see within the report.
Bug fixes
- Fixed “Select All” on tables throughout
- Minor UI fixes throughout (for example, icon color, etc)
12.1.4. Drift
This release includes the following enhancements:
Notifications for “drift from baseline detected” events
The drift service now makes use of the notifications functionality, allowing entitled users to define systems to monitor for drift-from-baselines events. Triggered events are handled based on the notifications configuration at the account level (for example, email alert & summary, or integration with webhooks).
Bug fixes and enhancements
- Multi values for facts and tags are now displayed consistently.
- ‘Reset filters’ feature is fixed and updates URL parameters accordingly.
- Reference ID is now set correctly when adding baselines to comparison.
- Tooltips are now visible on all selected baskets' icons.
- ‘Filter by name’ is now case insensitive and returns results for both lowercase and uppercase.
- Semantic for baseline errors is improved (typos, error messages, etc).
- UI now handles RBAC granular permissions for drift:notifications:[read|write], historical-system-profiles:read and baselines:write.
- The Baselines empty state is improved.
- All selected systems in the add-system modal dialog box are now grouped on the first page.
- A couple of issues on selected-systems basket are fixed (bulk, sizing).
- Selected systems basket is now correctly emptied on “Clear all comparisons”.
- Padding and alignment on Comparison and Baseline screens are fixed.
- Minor UI fixes throughout (for example, icon color, etc).
- Export to PDF is now available in addition to Export to CSV.
- Baseline list view now displays the system association count for drift service notifications.
- System tags with multivalue are now displayed correctly in comparisons
- Enabling/Disabling toggle for Notifications.
12.1.5. Notifications and integrations
This release includes the following enhancements:
New event types
New event types are available for users to get (email and webhook) notifications about:
- ‘Drift from baseline detected’ (Drift)
- ‘New recommendation’ and ‘Resolved recommendation’ (Advisor)
Behavior groups
Notifications administrators can now define multiple Behavior Groups to simplify the assignment of actions to event types. This new feature extends the previous Default behavior functionality, allowing Notifications administrators to define as many Behavior Groups as they want.
Behavior group, send-email action now supports admin-only recipients
‘Users: All’ and ‘Users: Admins’ are now both supported as recipients for sending email notifications. With this additional feature, Notifications administrators can configure notifications to target account Organization administrators when events trigger email actions.
Notifications event log
The event log lists all previously triggered events on the account and actions taken according to the configured behavior groups. The list is filterable by event, bundle, and application. The event log helps Notifications administrators troubleshoot notification configurations and ensure that the service performs as expected.
Bug fixes and UI enhancements
A couple of small bug fixes and enhancements are available in the integrations and notifications services:
- Filters & resetting filters now follow Red Hat Hybrid Cloud Console standards.
- The URL for the system link in the advisor service notification email is now correct.
- Email templates now point to console.redhat in place of cloud.redhat.
- Only one “Send email” action can be added per behavior group.
- Notifications page & modal dialog are fixed for mobile-client display.
- Action selection on behavior groups includes all options (‘Send an email’ and ‘Integration: Webhook’).
- Date on the first generated daily digest email is correct.
- Notifications documentation is improved.
12.1.6. Patch
This release includes the following enhancements:
Introduction of patch status
View a summary of how many hosts are up-to-date, how many hosts have patches available, and click to filter just those lists. Summary totals update based on filters. This lets customers get these quick summaries for tagged groups, workloads, or RHEL product versions.
Expanded scope for patch analysis
Analyze and report on applicability for EPEL packages and advisories for RHEL 7 and RHEL 8.
Visibility of most-impactful advisories
Review the top four most-impactful advisories based on type and number of hosts affected. Each of these highlighted advisories are presented with basic summary information, including the type/severity, brief description, number of hosts affected, and whether or not a reboot is required.
Enhanced package analysis and remediation
Gain a better understanding of packages deployed across your RHEL infrastructure and take the following actions:
- Filter systems by the version of the package installed on them.
- Select and remediate systems by adding an update to the latest available package to a playbook.
- Export the list of systems with a particular package installed.
12.1.7. Policies
This release includes the following enhancements:
Bug fixes and UI enhancements
- Empty state is now following Red Hat Hybrid Cloud Console guidelines.
- Reset filters are now following Red Hat Hybrid Cloud Console guidelines.
- Recent trigger history screen is now improved with retention information (14 days) in its empty state.
- Additional facts are now available in the type-ahead when writing conditions for policies: facts.installed_packages_delta, facts.cpu_model, facts.dnf_modules and facts.operating_system.
12.1.8. Vulnerability
This release includes the following enhancements:
Use of Red Hat OVAL feed
The vulnerability service is using OVAL behind the scenes for vulnerability analysis. This leads to a more comprehensive set of reporting, and customers may see a change in CVEs being reported. Additional details can be found in this KCS article.
Filtering by RHEL minor version
The vulnerability service now supports filters by RHEL minor versions for systems. Filtering by RHEL minor versions has been added throughout any list of systems within the vulnerability service. This leads to finer triaging and reporting.
Bug fixes
- Column management
- Minor UI fixes throughout (e.g. icon color, etc)
Chapter 13. More Information About Red Hat Insights for Red Hat Enterprise Linux
Learn more about Red Hat Insights for Red Hat Enterprise Linux from the following resources:
Providing feedback on Red Hat documentation
We appreciate your feedback on our documentation. To provide feedback, highlight text in a document and add comments.
Prerequisites
- You are logged in to the Red Hat Customer Portal.
- In the Red Hat Customer Portal, the document is in the Multi-page HTML viewing format.
Procedure
To provide your feedback, perform the following steps:
Click the Feedback button in the top-right corner of the document to see existing feedback.
NoteThe feedback feature is enabled only in the Multi-page HTML format.
- Highlight the section of the document where you want to provide feedback.
Click the Add Feedback pop-up that appears near the highlighted text.
A text box appears in the feedback section on the right side of the page.
Enter your feedback in the text box and click Submit.
A documentation issue is created.
- To view the issue, click the issue link in the feedback view.