Release notes

Red Hat Lightspeed advisor in Red Hat Satellite (GA)

The advisor service is now generally available for disconnected environments in Satellite 6.18. This service offers broad assessments of RHEL infrastructure health across availability, stability, performance, and security. Users can now view risk levels, affected systems, and remediation playbooks directly within the Satellite console.

Red Hat Lightspeed advisor in Satellite (Tech Preview)

The vulnerability service is now available as a technology preview for on-premise use. This service provides a security-focused view for identifying systems at risk. You can view detailed CVE information, such as severity and CVSS scores, to enable more effective risk triage compared to traditional errata views.

Red Hat Content Delivery Network (CDN) and Entitlement Network Modernization

On January 14, 2026, Red Hat will update its CDN and entitlement networks. This affects customers who use RHEL 7.3 or earlier and customers who use specific IP allowlists. These network updates directly impact the insights-client. After the hostname is updated to the legacy endpoint, insights-client will stop reporting to Red Hat Lightspeed services on RHEL 6 and RHEL 7. To maintain Red Hat Lightspeed functionality on these legacy versions, you must register your systems to a Satellite server.

Red Hat Lightspeed API Cheat Sheet update

The Red Hat Lightspeed API cheat sheet has the following updates:

Updated certified Red Hat Lightspeed Splunk application

A new version of the certified Splunk application (v0.22.202511251015) is now available on Splunkbase. This release includes enhancements for eventHandles and links in the Vulnerability dashboard widget. The deprecated Drift functionality was also removed. This update includes mandatory Splunk Cloud recertification to maintain compliance and availability.

UI fixes and improvements

The following updates and fixes have been made for Inventory:

New recommendations released

The Red Hat Lightspeed advisor service now detects and recommends solutions for the following issues:

Policies decommissioning is set for December 12, 2025

The Red Hat Lightspeed policies service will be decommissioned on December 12, 2025. Customers should use inventory APIs or Ansible Automation Platform (AAP) to standardize system profiles and report use cases.

Advisory tables can now be filtered by severity

You can now sort and filter Advisory tables by severity.

Expanded lifecycle support and RHEL 10 readiness

The Planning team expanded the following capabilities to support long-term planning:

Enhanced visualization and user experience

The Lifecycle tab was updated to PatternFly 6 standards to improve usability. Planning also resolved data crowding issues in the RHEL Lifecycle chart and replaced generic roadmap failure notifications with descriptive messages.

Insights MCP Server expanded with Planning capabilities

The Planning team published their first tool (get_upcoming_changes) to the Developer Preview of the Insights MCP Server. Future work is planned for get_rhel_lifecycle and get_appstreams_lifecycle to further enhance developer workflows.

Red Hat Lightspeed: Model Context Protocol (MCP)

The Developer Preview of insights-mcp is live. The insights-mcp utility is a new, lightweight tool from Red Hat that enables you to explore and integrate Red Hat Lightspeed services with large language models (LLMs) through an MCP server.

Enhanced Insights automation with AAP 2.6

Red Hat Ansible Automation Platform 2.6 introduced automatic job labeling for Red Hat Lightspeed-triggered automation. This enhancement brings EDA and AAP closer together, making event-driven operations more transparent and easier to manage at scale.

Enhanced AAP integration: now supports Service Account authentication

Red Hat Lightspeed now supports Service Account authentication for playbook retrieval by Ansible Automation Platform (AAP). This enhancement creates a more secure, scalable, and automation-friendly integration between the platforms.

Depreciation Notice

Basic authentication with a username and password is deprecated. Transition to Service Account authentication to maintain compatibility and improve security posture.

UI fixes and improvements

The following changes and fixes are now available:

Fixes and improvements

Inventory has the following updates that improve usability, consistency, filtering capability, and host lifecycle management:

UI fixes and improvements

Advisor recommendations that conflict with active compliance policies are now flagged with a note under Steps to resolve. To find flagged recommendations, expand the Operations → Advisor → Recommendations drop-down in the Red Hat Hybrid Cloud Console.

New recommendations

The Red Hat Lightspeed Advisor service now detects and recommends solutions for the following issues:

New security rule released

A new security rule is now available for CVE-2025-41244 - Vulnerability of open-vm-tools. Product Security identified this CVE because it had public visibility and multiple customer inquiries.

Policies decommissioning is set for December 12, 2025

The Red Hat Lightspeed policies service will be decommissioned on December 12, 2025. Customers should use inventory APIs or Ansible Automation Platform (AAP) to standardize system profiles and report use cases.

The Community EPEL is available in production

The Community Extra Packages for Enterprise Linux (EPEL) is available in production for all users. With this update, users do not need to wait for EPEL to create a snapshot. For more information, see How to use Extra Packages for Enterprise Linux (EPEL).

Daily digest is available for errata notifications

Users can now choose to receive daily digests of security, bugfix, and enhancement errata that affect the organization’s subscriptions.

Improved configuration options

Image builder added configuration improvements for the following options:

Registration to Red Hat Satellite

The registration step now includes the option to register to a Satellite server. Registering to a server adds you to its inventory and provides ongoing management.

Callbacks to Ansible Automation Platform

A new configuration option enables a system that is launched from an image to automatically call back to Ansible Automation Platform. This process adds the system to the inventory and provides further provisioning automation.

Enable FIPS mode

When applying OpenSCAP security policy profiles, a checkbox is now available to enable FIPS mode. FIPS mode is automatically enabled when you select the DISA STIG profile. You can also manually enable it with other profiles.

Integration with Red Hat Lightspeed Compliance - Preview

Preview mode now enables you to apply a custom security policy defined by Insights Compliance service. This feature is currently available only in Preview.

Build images using Red Hat Lightspeed Content Templates - Preview

Image builder can now build images using content from the Content Templates feature. You can select the Content Template in Repeatable build in the image builder workflow. This feature is currently available only in Preview.

Build images using the community EPEL repositories - Preview

Image builder can now build images using the new community EPEL repositories provided by Red Hat Lightspeed Content. This feature is currently available only in Preview and can be selected from either the Custom repositories or by using Content Templates.

Incident detection via MCP External

Incident detection, a Red Hat Lightspeed technology that identifies cluster incidents, was introduced as Technology preview during September 2025. The tool is now available in the MCP server. For more information, see Integrate incident detection with OpenShift Lightspeed via MCP.

Red Hat Lightspeed API cheat sheet updated

The Red Hat Lightspeed API Cheatsheet has been updated with expanded coverage, improved clarity, and new resources to help you make the most of the Red Hat Lightspeed API. Important changes include:

UI fixes and improvements

Hostnames of RHC-connected systems no longer populate as localhost in the Execution History tab of the Remediation Plan details.

UI fixes and improvements

Several updates and fixes have been implemented to improve Inventory, including:

UI fixes and improvements

Advisor recommendations that conflict with active compliance policies are now flagged with a note under Steps to resolve. To find the flagged recommendations, expand the Operations → Advisor → Recommendations drop-down in the Red Hat Hybrid Cloud Console.

New recommendations

The Red Hat Lightspeed Advisor service now detects and recommends solutions for the following issues:

Fixes and enhancements

On the Remediation Plans page, you can now filter and sort the remediation plan table by execution status to help organize your remediation efforts.

UI fixes and improvements

Red Hat Lightspeed implemented several updates and fixes to improve inventory, including:

New recommendations

The Red Hat Lightspeed advisor service now detects and recommends solutions for the following issues:

New malware signatures released

The Red Hat Lightspeed malware detection service now scans and detects for the following issues:

Clearer system display names and increased roadmap items

The Red Hat Lightspeed Planning applications have been enhanced to provide clearer and more detailed information for both Life cycle and the Digital Roadmap. Now, instead of listed systems displaying their unique IDs (UUIDs), the Planning apps display the actual hostname. This makes it easier to identify and manage your systems. In addition, the number of items on the Digital Roadmap has increased from 16 to 24, which provides a more comprehensive view of upcoming tasks and features for Red Hat Enterprise Linux (RHEL).

Cost Management Metrics Operator 4.0 and 4.1

The Red Hat Lightspeed cost management service processes the data gathered by the Red Hat OpenShift agent, the Cost Management Metrics Operator. Two new versions of the operator have been released within a short period of time.

FIPS 140-3 compliance External

The Federal Information Processing Standard 140-3 (FIPS 140-3) is a US Government computer security standard for cryptographic modules. It is mandatory for the protection of sensitive and/or valuable data in Federal systems.

Hourly chargeback of Red Hat OpenShift Virtualization

Since December 2024, Red Hat Lightspeed cost management supports the chargeback of OpenShift Virtualization virtual machines, regardless of operating system version. Find all the details in the March 2025 blog post Charge back the cost of OpenShift Virtualization cost management.

New Splunk application update on Splunkbase marketplace

The Red Hat Lightspeed for Splunk application is re-certified for Splunk version 10 compatibility, and includes additional inventory events on the Event table.

ServiceNow application update on the ServiceNow Store

The Flow Templates for Red Hat Lightspeed application is re-certified for ServiceNow’s Xanadu and Yokohama releases.

New simplified Red Hat Enterprise Linux (RHEL) roles

Red Hat Lightspeed improved user access for Red Hat Lightspeed services by introducing three consolidated service roles that simplify User Access, strengthen security, and boost operational efficiency. They include:

Immutable systems now displayed in inventory

Inventory unifies all system types into a single, streamlined view through the following updates:

UI fixes and improvements

Red Hat Lightspeed made several UI enhancements and fixes:

Red Hat Lightspeedadvisor in Satellite 6.17.2

With the Satellite 6.17.2 release, you can download and install a new container image for Red Hat Lightspeedadvisor in Satellite that includes new and updated rules published through the end of June.

Red Hat Lightspeed advisor is fully open source

The Red Hat Lightspeed advisor service is now open source. Previously, only the advisor engine (backend) was open source. Now all of the service is open source and can be distributed to our customers through Satellite under open source license. This adds more value to advisor users, especially disconnected Satellite users.

New advisor service recommendations

The Red Hat Lightspeed advisor service detects and recommends solutions for the following issues:

Cross-linking between advisor and vulnerability for high-visibility security rules

When Red Hat identifies a high-visibility vulnerability, Red Hat Lightspeed creates a security rule and cross-links the security rule between the advisor rule and the CVE in vulnerability. This helps you to tailor your response based on additional information.

Filter by operating system versions in CVE lists

You can now filter by operating system version in CVE Lists to help you prioritize your remediation efforts.

New “Report by operating system versions”

The new Report by operating system versions vulnerability report addresses the level of exposure in out-of-the-box versions of RHEL. This new capability allows Red Hat Lightspeed to more effectively assess the security posture (from a CVE perspective) of your RHEL instances. By understanding the potential vulnerabilities and risks present in default configurations, you can make more informed decisions about upgrades and prioritize them more strategically.

Upcoming compliance APIv1 deprecation notice

The Red Hat Lightspeed compliance APIv1 will be deprecated on August 8, 2025, and switched off on September 5, 2025. The new version of the API is available at Detail of Cloud Services for RHEL Compliance API v2.

New troubleshooting tasks

The following two new tasks are available to help you troubleshoot your RHEL systems and the tasks execution framework that Red Hat Lightspeed uses:

Content templates support layered products

When defining content that you want to install and patch with content templates, you can include the following layered products, in addition to RHEL, EPEL, and custom repositories:

Improvements to Microsoft Windows Subsystem for Linux (WSL) images

The configuration for RHEL images for WSL has been improved. After downloading WSL, the WSL images will now display the correct Microsoft icon for WSL images. Additionally, the image has cloud-init pre-installed.

Improvements to configuration options

The following configuration options are now more clearly explained and easier to use, such as with drop-down lists to select valid responses:

Automatic registration to Satellite is now in production

When building an image, Register with Satellite is now an option to pre-configure in the image. This will ensure that when you provision systems from a template image, the systems automatically register back to the Satellite server.

New features available for testing in Preview

The following features are available to test in Preview:

Upcoming decommission of Launch service in Image Builder

As of August 31, 2025, the Image Builder Launch service will be discontinued. You will no longer be able to launch instances directly from custom images by using this service. After this date, you must launch your custom images by following the cloud provider’s, Red Hat Ansible Automation Platform, or Red Hat Satellite standard procedures.

Project-based costs

Red Hat Lightspeed cost management now has project costs, which allow you to set prices per OpenShift Container Platform project. To avoid human mistakes (for example, setting an additional charge for control plane projects), this rate is tag-based: you must set the tag key (and optionally, the value) you want to charge based on. It is possible to define many project-based charges. For example, you might want to set a minimum charge for the privilege of having a project in some cluster and then also an additional charge per SLA.

Czech Koruna (CZK) currency support

Red Hat Lightspeed supports the Czech Koruna in cost models, cost explorer, API and some reports, and other areas of cost management.

On-demand webinar is available: Enable automated response to RHEL alerts

Learn how to automate your response to Red Hat Enterprise Linux (RHEL) alerts using Event-Driven Ansible, part of Red Hat Ansible Automation Platform. It is useful when you need faster and consistent responses to issues like security risks or performance slowdowns.

UI fixes and improvements

Several updates and fixes have been implemented to improve Inventory, including:

Workloads information in System Details

You can now view detailed workload data directly on the System Details page of each system. Workload discovery includes support for: Ansible Automation Platform, Microsoft SQL, SAP, IBM DB2, Oracle DB, Crowdstrike, Intersystems, and RHEL AI. Each workload section can be expanded to show specific, contextual information. This gives you a more comprehensive understanding of what is running on your systems.

New recommendations released

The Red Hat Lightspeed Advisor service now detects and recommends solutions for the following issues:

Red Hat Lightspeed API cheat sheet updated

The Red Hat Lightspeed API Cheat Sheet was updated with expanded coverage, improved clarity, and new resources to help you make the most of the Red Hat Lightspeed API. Key changes include:

Red Hat account login using emails as usernames deprecated

You can no longer log in to your Red Hat account with your email unless your email is your Red Hat login. For more information, see Finding your Red Hat login.

Functional levels with RHC client

RHC is now the official and recommended tool for registering RHEL 10 systems to the Hybrid Cloud Console. This update with RHEL 10 allows users to enable or disable features during registration, providing control over the amount of data collected from the system.

Table view for all remediation plans

Remediation plans in Red Hat Lightspeed now feature a searchable, sortable, and filterable table view, mirroring the rest of the Red Hat Lightspeed experience. This new format streamlines the process of locating specific plans, especially beneficial when handling numerous plans, by enabling users to define and apply criteria for their searches.

Quick start guide: Creating and executing remediation plans

A new quick start guide is available to help you get started with remediations. The guide helps you navigate the process of creating a remediation plan for advisor issues, confirming execution readiness, and executing the remediation plan on direct-connected hosts.

In-app execution readiness guidance

Remediation plan details now include a new Execution readiness card. This card offers a clear, step-by-step checklist of the permissions and configuration settings required for successful remote host execution. If any of your configuration settings are incorrect, the card specifies the exact steps needed for proper setup.

Execution History tab

The new Execution History tab provides a streamlined way to monitor the progress of acting on remediation plans. You can now access the status, history, and logs of a plan execution on each included system.

Additional fixes and enhancements

The following features have been implemented to improve Remediations:

UI fixes and improvements

Several updates and fixes have been implemented to improve Inventory, including:

New recommendations released

The Red Hat Lightspeed Advisor service now detects and recommends solutions for the following issues:

RHEL AI Update Task

You can now update a connected RHEL AI system using the Red Hat Lightspeed tasks service. Options include triggering a z-stream update or a minor version update to a supported version of RHEL AI. The Red Hat Lightspeed tasks service highlights systems running an unsupported RHEL AI version to help you quickly identify which systems need attention.

Image builder now shows AppStream lifecycle information

Image builder now shows lifecycle information for AppStreams that have multiple versions available. This enables customers to select an AppStream version with a lifecycle that aligns with their needs.

Red Hat Lightspeed planning for RHEL is now generally available

Red Hat Lightspeed planning for Red Hat Enterprise Linux (RHEL) is now available, delivering new features designed to assist with planning RHEL upgrades and monitoring the RHEL lifecycle status. In addition, Red Hat Lightspeed planning provides visibility into the tentative future roadmap for RHEL.