Release LoadGen Api, Appliance and MCP Server: 1.0.0.12098

Release LoadGen Api, Appliance and MCP Server: 1.0.0.12098

LoadGen General

  • Upgrade note — one-time Insight configuration refresh. This release adds two new Insight machine-group monitoring capabilities (see the API section). On upgrade, every existing machine group is brought up to the new configuration shape once, which triggers a single, benign configuration re-push to your Insight agents on their next check-in. The new sections default to disabled, so nothing starts monitoring and no agent or monitor restarts.
  • Clearer naming for the legacy Run-As Profiles store. After the platform-wide Run-As Profiles → Credential Profiles rename, the Configuration → Backup export picker and the repository Sync Collections entity list both showed "Run-As Profiles" next to "Credential Profiles", which read as a stale duplicate. The legacy entry is now labelled "Run-As Profiles (legacy mirror)" to make clear the two back distinct, live stores. Existing backup bundles and sync mappings are unaffected.

LoadGen Api

  • Analyse — API refinements. The Analyse analytics API is easier to consume: valid metric names can be discovered up front (so a typo no longer silently returns an empty panel), a valid query that simply has no data now returns an empty result with 200 instead of a misleading 404, correlation returns the aligned scatter points, and validation errors are standardised into a consistent field-level shape.
  • [#9157] Fixed the Test Analysis Overview (Testing → Results → Analysis) showing "No measurement data available." for every run. Per-action measurement aggregates — count, success/failure split, min/max/average and the P50–P99 percentiles — are now computed server-side over the full result set and returned in the shape the page expects.
  • [#9157] Analyse — accuracy, counter selection and new views. A wave of Test Analysis improvements: resource charts (CPU / memory / disk / network) now match the values in the database and let you pick an exact performance counter, with the counter pickers populated from the run's real counters on both SQL and InfluxDB datasources; an Application filter scopes Trends, Percentiles, Distribution and Correlation; a new per-measurement timeline view plots one line per measurement of a chosen application; correlation returns aligned scatter points with timestamps; the correlation/bottleneck overlay can now carry either a transaction or a counter on each axis; charts can show raw (un-averaged) samples; and failed or cancelled runs are now selectable for analysis.
  • [#9157] Report builder — saved charts, live preview, AI drafting and professional PDFs. Reports can now embed your saved Analyse charts, re-rendered live against the report's chosen run, and the report editor gained a live preview plus optional AI-assisted section drafting grounded in the run's real metrics. Generated PDFs were overhauled into a professional layout: a proper cover page, a Table of Contents with real page numbers and a clickable PDF outline, "Page X of Y" footers, one figure per page, correct timeline axes, readable rounded chart labels, and rendered narrative text. Reports now render natively on both Windows and Linux appliances.
  • [#9157] Durations are reported in seconds. Standardised transaction and sub-transaction durations to seconds end-to-end across the Test Analysis tabs and generated reports; some surfaces previously mislabelled these values as milliseconds. The Transactions and Compare tabs now also read the same per-measurement duration as the Overview grid.
  • Core Agent dispatch — classic-technology load tests run reliably. Fixed several issues that could cause Citrix, VMware Horizon, WVD and Full Agent load tests dispatched through the platform to fail to run: sessions could start, but the script, its images or its datasources were not delivered to the agent, so the run stalled with no progress. Scripts (including the correct script language), images and datasources now resolve consistently from the published workload, the newest published workload version is used, and script global variables shared across virtual users are honoured. A related monitoring dispatch path that could crash a Full Agent was also fixed.
  • API Testing — "log in once and reuse the token", real response data, and environments. The visual API-flow builder now delivers its two most-requested patterns end to end: a base login flow returns its captured bearer token to the flows that call it, and a capture step (or any {{ }} expression) can read the real prior response through a new response. namespace (response.body.field, response.status, response.headers.). Environment variables ({{env.*}}) now reach every expression. The API Sources list also shows real version, status and impacted-flow counts instead of zeros.
  • API Testing — data-driven testing and new node types. Added real loop iteration (control.forEach), a CSV dataset node and a read-only database lookup node, so a flow can iterate rows from inline CSV or a query and run the body once per row. New request and assertion nodes broaden coverage toward Postman / Insomnia / Bruno parity: GraphQL, WebSocket and Server-Sent-Events request nodes; an assert.header node; per-assertion soft/hard mode; and sandboxed pre/post-request JavaScript (script.pre / script.post) with a curated test() / expect() API.
  • API Testing — CI reporting, retries, error handling and flaky-node detection. A run can now be exported as a JUnit or self-contained HTML report (GET /api-testing/runs/{runId}/report?format=junit|html), with ready-made PowerShell and bash pipeline wrapper scripts, so an API flow can gate a CI build. Flows gained per-node retry policies and a control.error-handler node (a caught failure no longer fails the run), and analytics gained flaky-node detection that surfaces nodes which intermittently pass and fail. Each node's output variables — including a called flow's child outputs — now appear in the run timeline.
  • API Testing — scheduling and security hardening. Scheduled runs are more robust: retries now survive an API restart, an overlap guard stops a schedule stacking runs, a stuck-run reaper fails and alerts on hung runs, and the terminal status is written back so a schedule no longer shows a perpetual "Queued". Security was hardened throughout: flow HTTP requests now re-validate every redirect hop against the SSRF guard and drop credentials on cross-origin redirects; captured request/response bodies and environment secrets are masked in every read (including the list endpoints); {{var}} substitution into a JSON body is escaped correctly; and the save-time Validate action now matches what the engine will actually run.
  • Insight — foreground-window and logon-phase monitoring. Windows Insight agents can be configured for two new monitoring capabilities from a machine group's configuration: foreground-window UX timing (application-launch and active-window metrics) and logon-phase monitoring (per-logon total plus profile, GPO, scripts, FSLogix and shell phase timings, and the processes started during logon). Both are disabled by default and other agent platforms safely ignore them. (See the General upgrade note about the one-time configuration refresh.)
  • Insight — analytics and charts. Introduced an Insight analytics read path so Insight metrics can be explored and charted like load-test results: system / process / network performance and connections as time-series, WMI inventory and event explorers, UX-timing views, and dedicated logon-timing charts. Saved charts gained a category and a searchable description, and saved Insight time-series charts can be embedded in generated reports. Tag filters accept free text and wildcards (for example citrix). Insight analytics require an Insight-category InfluxDB datasource with a read-capable token — the datasource connection test now fails a write-only token for an Insight datasource with a clear message.
  • SessionSight — capture, privacy and Windows appliance ingest. SessionSight now captures page-view navigation in single-page apps — the keystone that page-view goals, funnels, journeys and the dashboard depend on — and assigns each browser a stable anonymous visitor id so visitors are counted distinctly. Privacy capture was hardened: password and sensitive fields are hard-redacted in every masking mode, and capture fails closed to Strict until the masking configuration loads. On Windows appliances, SessionSight data now ingests correctly. Deleting a tenant or container no longer purges analytics data unless you explicitly request it.
  • SessionSight — goals, funnels, heatmaps and integrations. Goals and funnels now count conversions per session rather than raw matched events, multi-step page-view funnels advance correctly, and heatmaps render real click hotspots aligned to the page. Fixed the Google Analytics 4 integration failing every token exchange, the AI panel discarding the typed question, and several dashboard and contract mismatches. The Marketing Command Center gained working backends for multi-touch attribution, channel grouping and tenant groups.
  • SessionSight — Journeys (user-path discovery). A new Journeys flow discovers the real navigation paths users take from SessionSight session data, ranks them by frequency, reports each path's conversion rate, and turns an approved path into a LoadGen web-test / monitoring script — no monitoring datasource required. A discovered path can also be promoted directly into a (disabled) synthetic monitoring check, and URL-normalization rules are operator-editable per container.
  • SessionSight — worker reliability. Fixed a SessionSight worker crash-loop at startup on Windows, and an oversized-write condition against a remote InfluxDB that could stall analytics and slow the wider platform. Writes are now size-bounded and self-correcting, and a genuinely oversized record is quarantined rather than blocking the queue.
  • [#9182] Fixed Run Test raising a false "One or more agents have sessionStreams=0. This may indicate a misconfigured agent." warning on every run for a correctly configured Core Agent installed as a Windows Service. Ramp-up validation now mirrors the runtime's own session-stream calculation, so a Core-Agent-only profile no longer trips the warning; a genuinely unconfigured agent still does.
  • [#9186] Fixed a Core Agent flipping to Unavailable when a Full Agent was added on a host that already had an online Core Agent (same hostname/IP). Core, Full and VDI agents on one host are now merged correctly and coexist.
  • [#9187] Fixed Full and VDI agent status probes hanging and then showing Offline with no reason when the appliance could not reach the agent. The probe now returns a fast, deterministic agent-offline result within the UI's timeout budget. (A genuinely unreachable agent still shows Offline — check agent-host reachability and firewall.)
  • [#9179] Uptime alert emails now automatically include the failing check's context — Check / Target / Type / Status / Reason — so when one alert profile covers several checks you can immediately see which check failed and why. Existing triggers are enriched with no template editing, and a custom template that already surfaces this context is not double-rendered.
  • [#9181] Fixed a test ending as Cancelled with "User cancelled test." when no user pressed Stop (for example an automatic or scheduled stop). Cancellations are now attributed to their real initiator — a user, the API, or the system — and the stored reason reflects the actual cause; a genuine user stop still reads "User cancelled test."
  • Security — dependency updates. Bumped two packages in the API image to clear high-severity advisories flagged by the image vulnerability scan: Microsoft.OpenApi 2.7.4 → 2.7.5 (CVE-2026-49451, uncontrolled recursion in the OpenAPI parser used by the API-testing import path) and Scriban 7.2.0 → 7.2.2 (GHSA-7jvp-hj45-2f2m, improper access control in the {{ }} template engine). Both are patch-level, behaviour-preserving fixes. Requires an API image rebuild.

LoadGen Appliance

  • [#9173] Fixed the SSL Certificate Status table showing a stale expiry date after a Let's Encrypt issuance or renewal. The certificate reader now reads the live managed certificate first, so the reported expiry matches the certificate actually being served. Custom and self-signed modes are unchanged.
  • [#9177] Fixed the HTTPS wizard showing a perpetual "Issuance in flight" spinner with no error, progress or way out when a Let's Encrypt issuance stalled or failed. Issuance now reaches a terminal Timed out or Failed state with a reason (for example a rate limit or a DNS-validation problem) once it has been outstanding too long, and Cancel reverts to the previous working certificate. Older appliances keep reporting the existing states.
  • [#8955] Fixed Promote to Master (Licensing → Master / Multi-Site) reporting success but leaving the appliance running in Local mode, so a second appliance still got "Not a Master appliance" on enrollment. Promote (and Demote) now activate the mode by restarting the API automatically after saving the flag, and the response tells the frontend whether the restart was triggered or a manual restart is still required — so you are never shown a silent false success.

LoadGen Core Agent Appliance

  • New — Core Agent Appliance. LoadGen now supports a dedicated, Docker-less Core Agent Appliance: a lightweight agent that registers with your Platform, is approved by an administrator, and adds headless load-generation capacity you manage from the frontend. It runs only the Core Agent as a native service and is distinct from the full LoadGen Appliance. This release delivers the platform-side management and the on-box agent end to end — registration, approval, management, and using an approved appliance in a load test.
  • Registration and approval. A new appliance enrolls with the Platform using an enrollment token and appears under Infrastructure → Core Agent Appliances as Pending. An administrator Approves (or Denies) it, and only approved appliances can run tests. On approval the appliance is issued a unique per-appliance key. The enrollment token and the per-appliance key are shown once — copy them when they are displayed, as they are not shown again.
  • The on-box agent. Each appliance runs a small management agent alongside the Core Agent, exposing a secured local API and a boot console with an interactive login menu: view status and logs, set the Platform URL and enrollment token, change the IP address or hostname, test the connection, and restart the services. The appliance dials out to the Platform to register and to send heartbeats, and it shows its Platform connection status on the boot banner.
  • Managing an approved appliance. From the per-appliance Manage view you can see the appliance's status, both version numbers (the Core Agent and the on-box Appliance Agent), restart the Core Agent, view recent logs, and push updates. An appliance that stops sending heartbeats is shown as Offline.
  • Using an approved appliance in a load test. An approved Core Agent Appliance automatically appears in the Core Agent pool and can be assigned to a load profile like any other Core Agent (a left-nav entry is added under Infrastructure). Constraint: the Core Agent Appliance runs Web/Core (headless) load tests only — Citrix, RDS and VMware desktop technologies are not supported on this variant; route those to Full Agents.
  • Modes and firewall ports. Each appliance shows a Mode: Appliance (a LoadGen-built appliance image) or Self-Hosted (a Core Agent you installed yourself). Ports to open: the appliance dials out to the Platform on HTTPS 443 (registration and heartbeat); the Platform reaches the appliance on 5050 (management) and 4850 (load dispatch); and the appliance returns results on 4851.

LoadGen MCP Server

  • [#9181] Stopping a running test through the MCP server now records the accurate cancellation reason instead of mislabelling it as "User cancelled test." — an API-initiated stop is attributed to the API. This is the MCP side of the cancellation-attribution fix in the API section.
Was this article helpful?
0 out of 0 found this helpful