Youtube - 2.1.0 Release Overview video
For those who prefer readable content, read on! For all images in this article, simply "Right click > Open image in new tab" to see them in full resolution.
"Backup filters" feature
You can now create custom backup filters, which allow you to ignore or completely delete parts of the backup received from your devices. This can be useful if you do not want to store some data that the device outputs, or if you want to ignore parts of the backup for config change notifications. For example, if your device outputs some data that is different on every backup, you can create ignore filters to tell Unimus this data should be ignored. Using the backup filters, you can create completely custom rules on what to ignore or delete to cut down on change notifications.For more information and examples, we have a dedicated blog article.
"NMS Sync" upgraded to preset-based
We have migrated NMS sync to use presets, instead of static configuration. This provides multiple benefits. For example, you can now configure sync from as many NMS systems of the same type as you like simply by creating more presets. The second benefit is that NMS sync is now fully compatible with Zones. You can specify to which Zone an NMS Sync preset should import to. These updates make NMS Sync very flexible. You can import all your customers' networks from a single NMS into multiple Unimus Zones. Or you can import from multiple NMS systems, each representing a separate Zone.For more information and examples, please check our NMS Sync blog article.
"Advanced Settings" for Mass Config Push
We have added a new "Advanced Settings" window to Config Push. In most use cases our default Config Push behavior was sufficient, and worked as expected. However, in a few specific cases there was a need to fine tune how Config Push behaved, and the new Advanced Settings allow these adjustments.These new settings are covered in this blog article.
NetXMS Agent as a proxy for Zones
In 2.1, we are adding the option to use a NetXMS Agent as a Unimus Zone proxy. If you are using NetXMS and already have an Agent deployed in a remote network, you don't need to deploy Unimus Core - you can just use your existing Agent. This cuts down on the amount of software you need to deploy, and if you already use NetXMS, you can now onboard your networks into Unimus much faster.More details in the documentation on our Wiki.
Other minor new features and improvements
We have also added many new minor features, such as improvements to notifications, UX improvements to Config Push, warnings when an older version Core is connected, performance improvements, and many other UI and UX improvements across Unimus. Head down to the full Changelog to learn more!
Security improvements and bug fixes
We focused heavily on security in 2.1, as outlined in our Update on Unimus codebase and release security article earlier this year. We have updated both our backend and frontend frameworks to latest LTS releases, reviewed Unimus build security and infrastructure and introduced code-signing to all binary releases.
With each new release, we also add support for new network vendors and devices. This release is no different and we are adding support for 21 new device types, from 15 separate networking vendors.
The Changelog for 2.1.0 is quite large, so this article doesn't cover it completely. If you want to see all the changes in this release, please check the full Changelog below:
= Version 2.1.0 = Features: Added notifications if a Zone goes offline (can be configured in the "Notifications" screen) You can now select which Zone the "Basic import" imports devices into Config Push History (on the Dashboard) now shows which user ran the Push, or if it was scheduled Improved Diff performance (diffs with a large change-set could be very slow) Improved Import / NMS Sync handling - import/sync jobs are now queued, so a single job doesn't block you from queueing others You can now disable the Core connection listener if desired (if not using remote Cores) The "get" endpoints for "devices" in the API ("/api/v2/devices/...") now also return the status of the last device job "Sensitive data stripping" has been moved from "Other settings" to "Backups > Configuration" "Advanced settings" > "Discover un-discovered devices when new Credentials are added", "added" was changed to "added or bound" Improved Output Group matching in Mass Config Push Added new icons for Comments / Tags / Filters in all tables Added "unimus.core.tcp.connect-timeout" config option to control Core->Unimus connection timeout (default 5 seconds) You can now disable specific job types (Discovery, Backup, Scan, Config Push) if desired Added support for devices which ask "Configure from terminal?" when the "configure" command is sent On JunOS devices, "monitor stop" will be sent before backup to make sure logs are not present in backup Improved support for Adtran NetVanta devices Improved support for Datacom devices Improved support for ExtremeWare devices Improved support for Quanta devices New "Custom Backup Filters" feature: - you can create custom filtering rules on backups to filter any data you don't want inside backups - both completely deleting and/or replacing data for a filtered text are available - allows for creation of rules based on Tags, device vendors or device types - https://unimus.net/blog/backup-filters-unimus-210 "NMS Sync" is now configured using Presets, and now properly works with Zones - you can now define as many NMS Sync connections as you like - fully integrated with Zones, you can now use NMS Sync to sync devices to multiple Zones - existing configuration automatically migrated to Presets - https://unimus.net/blog/nms-sync-improvements-unimus-210 Ability to use the NetXMS Agent as a proxy for Zones: - you can use a NetXMS Agent as a poller for an Unimus Zone instead of an Unimus Core - if you use NetXMS, you no longer need to deploy both a NetXMS Agent and an Unimus Core for the Zone - https://wiki.unimus.net/display/UNPUB/NetXMS+Agent+as+Zone+Proxy New "Advanced Settings" feature for Mass Config Push: - allows overriding credentials used to connect to devices by this Push Preset - allows overriding timeouts used in device communication by this Push Preset - allows settings the prompt matching mode used by this Push Preset - https://unimus.net/blog/config-push-advanced-settings-unimus-210 Unimus Core version is now checked by Unimus and shown in Zones - added versioning to the Core communication protocol - Unimus now checks if Cores are using a supported version during connection - Unimus will notify on the Dashboard if any "older" version Cores are connected - Core version is now shown in the "Zones" screen (if the Zone is using an Unimus Core as it's proxy) Added support for: - Adit 600 series - Brocade G620 - Cisco FirePOWER for AWS - Datacom DmOS devices - Datacom DmSwitch devices - D-Link DXS 5000 series - Extreme 200 series - Extreme VOSS / VSP OS - Extreme Wing AP 510 - Fiberhome devices - Fiberstore (FS.com) Campus switches - Fortinet FortiWeb - IBM Flex System Fabric - IBM RackSwitch - Netgear GSM switches - Nomadix EG devices - Nomadix NSE devices - Siklu Terragraph - Ubiquiti airFiber 60 5G - Ubiquiti airFiber 60 LR - Ubiquiti GigaBeam - ZTE ZXA devices Fixes: Fixed Slack notifications not working with new Slack Apps (changes in Slack API for new Apps) Fixed issue when writing into an input box, a desync may occur that caused a character to get lost, and the cursor to jump to the start of the input box Fixed built-in backup filtering in rare cases could add many "<--filtered-->" text instances into a backup Fixed config change notification not sent if a backup was pushed over the API Fixed API limited max page size to 50, even if user specified a much larger size Fixed Import and/or NMS Sync could get stuck if there was an internal error during import/sync Fixed Unimus could stop working on HSQL after a long period of time if data retention cleanup settings were enabled Fixed running discovery/backups on all devices over the API did not work (single device requests worked properly) Fixed Import and NMS Sync running UI notifications could get lost when moving around the application Fixed wrong Config Change Notifications on specific Cisco IOS versions Fixed wrong Config Change Notifications when a few specific config items were present on F5 devices Fixed "Backup it very long, do you want to continue?" warning boxes not working properly Fixed errors when trying to add extremely long passwords (over 130) characters in the "Credentials" screen Fixed inconsistent case sensitivity in Config Search (normal matching is now always CI, regex matching is done per regex settings) Fixed Config Search showing whole backup when Context Size was set to 0 Fixed multiple edge-case issues and errors in Config Search Fixed multiple edge-cases where a device address with a whitespace was not properly trimmed Fixed checkbox and selection not being properly reloaded after refresh (F5) Fixed "last run" value not being updated in a Config Push preset in some circumstances Fixed multiple UI issues (element overflows, wrong element sizing on small resolutions) in Config Push Fixed "$[no-wait]" not properly working in Config Push under certain circumstances Fixed Discovery failing on newer firmware version of HP/HPE ProCurve devices Fixed devices that used "enter" as pagination not working over Telnet Fixed jobs failing on newer Adtran NetVanta devices Fixed jobs failing on a few specific HP Comware devices Fixed jobs failing on a few specific devices over Telnet Fixed jobs failing on specific configurations of ExtremeWare devices Security fixes: Upgraded the frontend framework to the latest LTS version Upgraded the backend framework to the latest LTS version Fixed not properly invalidating all sessions of a logged-in account if it was removed (sessions would work until session timeout) Fixed users being able to see Tags they did not have access to in Config Search (only list of Tags affected, search results were properly secured) Embedded Core version: 2.1.0 Known issues: ISSUE: When many jobs are running, and you scroll or re-order the Devices table, some rows can be duplicated and/or malformed WORKAROUND: table re-render fixes this - scroll out and back in, or reorder again and elements will rerender properly STATUS: issues in framework after upgrade to latest LTS - we are investigating how to fix :( ISSUE: Opening a Config Push preset is slow and locks the UI session with large results (1000+ devices) WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Search in Config Push preset outputs is slow and locks the UI session with large results (1000+ devices) WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Device ownership (Owner) is not properly set when using Basic Import WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: An API call to the "devices" endpoint using PATCH doesn't work WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Already logged in user gets 'Access denied' when they manually navigate to '/' WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: When moving many devices across Zones, an error can occur WORKAROUND: none, retry the move again STATUS: issue scheduled for fix in next version ISSUE: Notifications don't contain a list of addresses of filtered devices (no connectors, Core offline, etc.) WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Config push creation - 'Require "enable" mode' is not automatically checked when 'Require "configure"' is checked WORKAROUND: none, works properly after preset has already been created STATUS: issue scheduled for fix in next version ISSUE: Data put into HTTP query parameters are not escaped in NMS Sync importers that use HTTP protocols WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Sorting by Job Status in Devices does not work properly if Unmanaged devices are present WORKAROUND: none STATUS: issue scheduled for fix in next version ISSUE: Some screens in Unimus show time in server's time zone, others in client's (browser's) time zone WORKAROUND: none, issue only relevant if client has different time zone than server STATUS: we are debating on how to fix this - will likely create a setting to select which TZ should be used