Default language.

25.2 (15.0) enhancements

BMC Discovery 25.2 (15.0) runs on Oracle Linux 9. You can upgrade directly to BMC Discovery version 25.5 (15.0) from version 20.02 (12.0) and later that run on either CentOS 7 or Red Hat Enterprise Linux 7.

You can also migrate your data to a fresh installation of BMC Discovery 25.2 (15.0). To migrate your data, you must back up the CentOS or Red Hat Enterprise Linux based appliance and restore it to a new BMC Discovery appliance.

  

Installing from kickstart media

Installing the virtual appliance

Release notes and notices

Deprecated features

BMC Discovery training and certification

25.2

Deep container discovery

BMC Discovery provides detailed discovery of software running inside containers. A scan of a container in the data center has two parts: SSH access and API access. SSH access discovers running processes, whether they are containers, running in containers, or one of the levels of orchestration or runtime processes. If the process is identified as a container, and it is simply running on a host without orchestration software, its discovery continues by using SSH. Patterns determine the version of the software running in the container.

If orchestration software, such as Kubernetes, is discovered, you can perform further discovery by using a separate API scan, which can determine which deployments are present, the pods in which they run, and the original images. This provides accurate versioning of the software running in the containers, which in turn makes lifecycle data such as the end-of-support and end-of-life data available for container-based software. In this case, SSH and API scans are required for complete discovery.

Stable Software Instances are related to Deployment nodes, and are referred to as stable, as they do not change as containers come and go. The ephemeral software that runs inside containers is modeled by using Contained Software Instance nodes.

A Software-Container Details view provides an overlay view from which you can toggle the display of Contained Software and Container Images. See Software and infrastructure visualization for more information.
 
The following screenshot shows a visualization of discovered containers.
container-visualization.png

BGP network route discovery

BMC Discovery discovers IP links between network devices by using BGP IP routing information, and discovers site-to-site connectivity using ISP AS path information. It supports iBGP and eBGP. For further information, see IP Connectivity using BGP data.

Discover hosts by using Oracle Cloud Infrastructure bastion

Discovering hosts in Oracle Cloud Infrastructure (OCI) by using an OCI bastion enables you to perform detailed discovery of Linux hosts running in OCI without requiring further credentials. The OCI bastion also supports Windows hosts, though a PowerShell credential is required for the targets.

BMC Discovery accesses the bastion with the OCI credential, and the bastion creates a managed SSH session to Linux hosts without requiring further credentials. For more information, see Discovering hosts in OCI by using OCI bastion.

  

Trigger run types

  
A ‘trigger’ discovery run allows you to create a discovery run that executes a pattern without performing any discovery. The pattern can be a simple pattern, or one written to access a defined data source type. For more information, see Creating import triggers and Performing a discovery run.

  

Automatic scanning of cloud-based Kubernetes clusters

  
Automatic discovery of cloud-based Kubernetes clusters occurs by default when you scan your supported cloud services. When BMC Discovery finds a Kubernetes cluster, it creates an automatic scan using a Kubernetes token obtained from the cloud provider. Automatic scanning of Kubernetes clusters can be disabled (Automatically scan Kubernetes clusters) for each scan. No additional credentials are required. The API token is generated depending on your existing privileges. (See Discovering Kubernetes clusters and Kubernetes (BMC Discovery Content Reference) for more information.

  

Select the credentials to export from the credential vault

  
Select and export any combination of credentials from the credentials page, in addition to exporting single credentials or the entire credentials vault. See Exporting-and-importing-the-credential-vault for more information.

  

Visualizations allow you to view their state at earlier dates

  

BMC Discovery allows you to view visualizations on selected dates in the past. For more information, see Software-and-infrastructure-visualization.

  

Results from the discovery of additional endpoints are shown on the requesting DiscoveryAccess

Where the scan of an endpoint runs additional Discovery requests, such as runCommand, on remote endpoints, the details of that request are added to an existing DiscoveryAccess for the remote endpoint and related to the first (requesting) DiscoveryAccess. The details are shown on the first requesting DiscoveryAccess page. For more information, see the  DiscoveryAccess-page.

  

Support for ECDSA SSH keypairs and OpenSSH formatted keypairs for target scanning

  

BMC Discovery supports ECDSA SSH keypairs for scanning discovery targets. ECDSA SSH keypairs and the other types of supported SSH keypair can be generated by using either OpenSSH or OpenSSL tools. 

  

Technology Knowledge Update

  

The 25.2 version also includes the  Technology Knowledge Update TKU 2025-Jun-1

  

Miscellaneous updates

  

  • Support for support for the BMC Discovery Outpost using an HTTPS proxy.
  • Add multiple related nodes to a visual query quickly without repeatedly clicking Apply and Add.
  • Apply a sort order to the results of a Visual Query. For more information, see Visual query builder tools.
  • Many network devices only listen on UDP ports. These devices do not respond to prescans, so they might not be detected and consequently not added to the full scan. Select the Prescan IPs option, where you scan specific ranges you know contain many such network devices. The scan will give NoResponse DAs for dark space but successfully detect everything else. See Performing a discovery run for more information.
  • An administrative user can delete queries saved by other users. See Saving and sharing queries for more information.
  • You can select and export any combination of credentials from the credentials page, in addition to exporting single credentials or the entire credentials vault. See Exporting and importing the credential vault for more information.
  • The OpenAPI definition file defines just the common attributes for credentials. See Endpoints in the REST API for information about all endpoints in the REST API.
  • TPL template files are provided for sync mapping extensions for Azure services.
  • When creating a visualization, add related nodes step by step
  • Increase the limit of search domains in UI from 6.

Review the BMC Discovery 25.2 defect fixes that will benefit your organization and understand changes that might affect your users. 

Version Fixed issues
25.2 Known and corrected issues

What else changed in this release

Description

Reference

Nodes added, changed, or removed in BMC Discovery.

Latest changes in BMC Discovery commands.

List of OS and application packages contained in a default BMC Discovery Enterprise Edition installation.

Changes to open source packages and freely distributable binary components in BMC Discovery.

Updates to predefined reports available by default in BMC Discovery.

Change of supported OS for BMC Discovery Outpost

  
The minimum supported version of the OS for the BMC Discovery Outpost is Windows Server 2016. Before upgrading your BMC Discovery Outposts you must upgrade any BMC Discovery Outpost hosts to Windows Server 2016 and later. 

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*