The following updates were released to the Kentik platform during May 2026.
AI / Insights
Features
- AI Advisor Cloud Pathfinder visualization: AI Advisor now renders hop-by-hop network path diagrams for cloud traffic, showing entity types, VPC associations, AWS regions, and reachability status.
- AI Advisor usage tab: New "AI Advisor Usage" tab in AI Settings shows AI assistant usage analytics over selectable time ranges.
- Create runbooks from AI Advisor: Users can create, retrieve, and update runbooks directly from AI Advisor conversations, with automatic linking to alert policies and session tracking.
- AI Advisor alerting tools: Adds single-alert lookup, device enrichment in alert details, and a new Alert Statistics tool for aggregated counts, trends, and top-N rankings.
- Notification template AI helper: "Ask AI" assistance is now integrated into the notification template editor for context-aware help with template creation and debugging.
- AI Advisor disabled-tool visibility: AI Advisor can now display unavailable tools along with the reason they are disabled (RBAC or missing features), so users know how to enable them.
- DeviceConfigTool search improvements: Device config search now uses a token-budget model with configurable
search_token_limitand context window controls for denser, more predictable results. - GPT-5.5 model support: The AI gateway now offers GPT-5.5 and removes deprecated models so only current, supported models are available.
Bug Fixes
- AI Advisor NMS saved views fix: Fixed execution and listing of NMS (Metrics Explorer) saved views that previously returned "invalid query data" errors.
- AI Advisor synthetic test label filtering: Fixed the non-functional label filter in the synthetics status tool, enabling case-insensitive filtering of synthetic tests by label.
- AI Advisor single-metric NMS queries: The NMS tool now enforces one metric per query for more consistent results and validation.
- AI Advisor device RBAC centralization: Device RBAC is now centralized in the agent, ensuring AI Advisor consistently honors device permissions and removes fail-open behavior.
Alerting
Features
- Bulk acknowledgment comments: Added support for bulk ack comments, default sorting of comments by newest first, and a clearer "send" submission icon.
- Synthetics notification preview: Synthetic alarm notifications can now be previewed by ID, letting users test notification templates before deployment.
- Cloudflare API Token authentication: CFMT mitigation platforms now support API Token authentication in addition to API Key, with conditional field requirements and format validation.
- compactJSON template function: The
compactJSONfunction is now registered in the template editor as an alias foruglifyJSONfor use in custom notification payloads. - Notification preview with real alarm data: Notification channel preview and test endpoints can now use real alarm data by passing an
alarmID. - New count metric for policies: Policies can now use a new "count" metric that counts messages/flows matching policy conditions.
- Device tags in alert policies: Policies can now use device tags in dimensions, device selectors, and filters; tags appear in supported-dimension and display-name API responses.
Bug Fixes
- User-friendly alert clear reasons: Updated alert clearance messages to be more user-friendly and understandable.
- Alerting table filter fixes: Fixed the persistent "Reset to Default" button and restored search terms from the URL on page load.
- Policy name length validation: Flow policy names are now validated to the 50-character API limit to prevent rename errors.
- Rolling window / toggle mode lock: Users can no longer switch existing policies between rolling window and toggle mode, ensuring mode consistency.
- Syslog/SNMP traps policy validators: Fixed validation errors when creating Syslog/SNMP traps alert policies in the policy drawer.
- Device Alerts tab loading: Reduced device alert lookback from 30 days to 24 hours to prevent the Alerts tab from timing out.
- CFMT email validation: The Account Email field now requires a valid email format when using API Key authentication.
- Flowspec rate limit rounding: Rate-limit values are now rounded to prevent route flaps and mitigation failures.
Cloud
Features
- AWS Map transit gateway filtering: Improved transit gateway traffic visualization on AWS Map with an "Any" filter connector and support for observing gateway filters that capture traffic entering the cloud.
- OCI topology scrape upgrades: Enhanced OCI topology collection with large-scale scraping and a faster summary-based table, available via opt-in feature flag.
- GCP gateway and interconnect dimensions: Added new GCP UDR dimensions for source/destination gateway name, gateway type, and interconnect name, enabling gateway-level traffic analysis.
- Azure private load balancer tagging: Azure tagging now includes private load balancer frontend IPs for more accurate subscription, resource group, region, vnet, and subnet tags.
Bug Fixes
- Cloudpak utilization chart selection: Fixed the License page Cloudpak Utilization chart so only one selection dot appears at a time in select mode.
- Missing cloud traffic metrics: Fixed device-level data mapping so the Public Clouds utilization chart displays complete Received and Stored traffic for all devices.
- Cloud chart dark mode labels: Public Clouds utilization chart axis labels are now visible in dark mode.
- GCP metadata crash: Prevented a crash when GCP lacks permissions to fetch regions and zones, allowing graceful degradation with partial topology.
- AWS topology consistency: Added eTag-based concurrency control to prevent race conditions and empty data when updating AWS topology files in S3.
- S3 request timeouts: Added a 20-second response header timeout with retries to eliminate sporadic 15-minute S3 timeouts affecting cloud flow ingestion.
- GCP service account key validation: GCP service account keys with formatting issues are now normalized and validated, eliminating cryptic ASN.1 parse errors.
NMS
Features
- Command Access generally available: Command Access is now available to all customers, enabling users to back up device configs and run ad hoc SSH troubleshooting commands.
- Configurable command timeout: Users can set a custom device command execution timeout (default 30s), configurable per device and via bulk updates.
- Command execution gating: Commands now run only on devices where command execution is enabled; devices with read-only diagnostics disabled report the command as denied.
- Kentik Map device health: The Kentik Map now shows color-coded CPU and memory health icons and opens the device sidebar when clicking device circles.
- Data origin in chart tooltips: Highest bit rate charts and Metric Explorer now show each series' data origin in tooltips.
- SNMP v3 "None" credentials: Users can create SNMP v3 credentials with no authentication and/or privacy protocol (noAuthNoPriv and authNoPriv).
- Agent HealthV2: HealthV2 fields are now populated for Universal Agents and capabilities using the full severity scale.
- Merge series in Metrics Explorer: Library Metrics Explorer panels now show the previously missing Merge Series control.
- Device tags in the UI: Device tags can now be used as filtering criteria across NMS, Flow, and Subpolicy configuration.
- Site inventory enhancements: Site inventory now includes separate Lat/Lon columns, distance calculation between sites, and Google Maps URLs.
- Cisco Catalyst Center integration: New telemetry gateway source collects device inventory, health, interface, and wireless AP data from Cisco Catalyst Center with auto-provisioning.
- Custom reports in agent bundles: Custom SNMP reports are now rendered into agent bundles, with a new PreviewReport API and automatic bundle regeneration when reports change.
- Added Xerox WorkCentre support: Added Xerox WorkCentre printer SNMP monitoring support.
- Improved VMware NSX trap support: Improved VMware NSX SNMP trap support.
- Improved BITS trap support: Improved BITS trap support.
Bug Fixes
- Kibana logs link filter: Device details Actions > Logs now filters by
device_idinstead ofdevice_nameso logs match correctly. - Metrics panel display units: Metrics panels now derive the correct display unit from metric metadata instead of defaulting to percentage.
- License limit downgrades: Users can downgrade full-monitor SNMP devices to flow-only and edit device properties when over their npak license limit.
- Discovery agent SNMP/ST capability: Discovery now auto-enables the SNMP/ST capability on selected agents to prevent the workflow from hanging.
- Device name normalization: Device names are now normalized to lowercase for consistent display.
- SNMP discovery deadlock: Fixed SNMP discovery hanging when the thread count was unset by defaulting to four threads.
- Unpermitted capability cards: Capability cards behind disabled feature flags no longer flash on initial load.
Platform
Features
- Device list views: The ListDevices API now accepts a view parameter (FULL, BASIC, ID_ONLY) to control response detail and improve performance for lightweight queries.
- Get device by name: New GetDeviceByName API endpoint allows looking up a device by name instead of ID.
- VRF management via Interface API: Interface API requests can now create and update VRF records, fixing 500 errors on interface updates.
- Tenant user API: Added separate create, update, and delete operations for MKP tenant users as distinct operations from tenant management.
- Device Command Access default:The Device Command Access feature flag is now enabled by default for non-on-premises deployments.
- BGP password validation clarity: Updated the device_bgp_password field description to reflect the full accepted character set.
- Insights admin authentication: Added basic authentication to the insights admin interface to prevent unauthorized changes to insights definitions.
- Bulk device site reassignment: New bulk API and UI to reassign multiple devices to a different site in a single operation with RBAC enforcement.
- Universal Agents severity scale: Agent and capability health now use a full five-level scale (Healthy, Warning, Degraded, Critical, Down) across Universal Agents and Agent Details.
- Capability restart telemetry: Added capability_restarts and crash_loop_count metrics for alerting on restart loops and crash storms.
- Ubuntu 26.04 support: Agents can now be deployed on Ubuntu 26.04 and Linux Mint 23.
Bug Fixes
- Site filter sorting: Site filter options on the Devices page are now sorted alphabetically with "None" pinned to the top.
- License page flow measurement accuracy: Fixed FPS query logic on the License page to deduplicate measurements per device and average values, improving accuracy for DevicePak and FlowPak plans.
- SSO super admin protection: Super admin access is no longer downgraded through SSO attribute mapping, and rolesets only apply when they contain roles.
- Data Explorer timezone label: The Data Explorer date range header now shows the timezone (UTC offset) for clarity.
- Tree navigation readability: Improved tree navigation with larger fonts, chevron icons, and better alignment.
Synthetics
Features
- Redesigned Tests page: The Synthetics Tests page now consolidates Test Control Center functionality with an enhanced admin table (sorting, filtering, customizable columns), health timeline sparklines, bulk pause/resume and label editing, and configurable time ranges (1 hour to 30 days).
- Path View table view: New MTR-style table view for synthetic test path results, with hop-by-hop RTT, packet loss, ASN, geolocation data, and CSV export.
Bug Fixes
- Observation Deck crash fix: Fixed a crash in the Observation Deck when synthetic tests are not configured.
- Agent alert API fix: Fixed PUT/DELETE failures by passing IDs as strings, and agent alerts now default to active when created.
- Path View trace merging: Path View now merges traces across timestamp buckets so probes from all agents are displayed, especially for longer-frequency tests.
Traffic
Features
- Editable Data Explorer widgets: Data Explorer query widgets in Observation Decks can now be edited, automatically creating an underlying saved view in the Library.
- Traffic cost interface consolidation: Interface rows sharing the same device ID and SNMP ID are now combined into a single row for a cleaner traffic costs view.
- RoCEv2 sFlow parsing: Added parsing of RoCEv2 headers from sFlow data, enabling analysis of RDMA operation codes, queue pairs, and related fields for Crusoe devices.
- Optional PTR-based device auto-creation: kproxy can optionally auto-create devices for unknown senders using reverse DNS lookups, streamlining onboarding.
- VRF fields in flow: ktranslate can now capture ingress and egress VRF IDs in flow data for VRF-based traffic analysis.
- Disney Streaming CDN detection: Added Disney Streaming as a detectable CDN so its traffic appears in CDN Attribution analytics.
- Bulk device plan reassignment: New API and UI to reassign multiple devices to a different plan with capacity validation and live UI updates.
Bug Fixes
- Device telemetry FPS source: The Device Telemetry page now selects FPS data by source priority (flowproxy > kproxy > flow), eliminating data gaps.
- sFlow flow metric accuracy: Fixed counting of sFlow counter samples as flows, preventing inflated flow statistics for devices sending mixed samples.