Release notes

We've added support for ARM-based processors for Linux. With this feature, you and your team can effectively monitor, manage, and even automate tasks on any Linux device using ARM architecture. This allows our users to include a much wider range of devices, including but not limited to ARM-based servers, Raspberry Pi computers, IoT devices, and other embedded systems.

• Scripts have received a makeover. As scripts become more essential, a bigger, better view was needed. They now have their own dedicated page with a much larger area dedicated towards the editor.
• Connection monitors can now be configured to alert when a device comes online. This can be useful for locating lost or stolen devices. As soon as the device comes online you can use Level to run a script that grabs the IP address or location.
• Service alerts now trigger on services that get stuck in a "starting" or "stopping" state.
• The remote service list now includes a "Service Name" column in addition to the existing "Display Name". The service name is important because it can be used to create a service monitor.
• We've added a variety of new fields to the device list CSV export. This includes the new security score as well as information about the manufacturer, model, and serial number of the device.
• The video encoder for remote control has been updated. This will bring speed and reliability improvements. The update also removes the "Media Feature Pack" dependency for Windows N devices.

• When a patch policy is enabled, Level turns off the operating system's auto-update functionality. A bug was preventing this from happening on some Windows devices. This has been resolved.
• Attempting to reinstall Level shortly after using a remote terminal session could lead to an error about a file remaining in use. We should now be properly closing the "winpty" file in all circumstances.
• Pasting large blocks of text could result in garbled output near the end of the body. This has been resolved and pasting speed has been improved.

Level now handles devices that were offline during your scheduled patch policy window. Our patch policies are a great way to keep your devices up-to-date and keep your Security Score nice and high. However, devices that were offline would simply fail to install and try again the next time the policy ran. We know that it can be quite difficult to ensure that some devices are online at the right time.

We've got you covered. Any devices that miss a scheduled install will be updated the next time Level sees them. Updates that require a reboot will still be installed but the device will not be rebooted. This feature can be easily configured in the patch policy settings.

• We've added real copy-and-paste actions to remote control sessions. The new copy action grabs the highlighted text on the remote machine and inserts it into your local clipboard. The new paste action takes the text from your local clipboard and outputs it on the remote machine. Best of all, paste works on the login screen!
• The previous actions for "Get Clipboard" and "Send Clipboard" are still available to transfer and maintain clipboard contents with ease between your local and remote devices.
• The scripts page has been updated to use our new table. This aligns with other table updates across the app and allows for sorting, column selection, and bulk actions. More improvements coming here soon.

• Level was a little overzealous in preventing scripts from being deleted. Previously we would stop you if the script had ever been used in an alert. Now you can delete any script that isn't actively being used for a device monitor.
• Editing a monitor with a "breach duration" of 0 was sometimes causing the duration to be changed to 1. This should no longer happen.
• Before installing updates, the Level agent has to query Windows to get more information about each one. Previously, this action had a timeout of one minute but it turns out that older machines could take much longer. The timeout for this phase has been greatly increased.
• During a Windows shutdown, the security center stops working. If the agent happened to query the security center during this time we would get back negative values that could temporarily reduce the device's security score. We now ignore these values.
• The admin account count should now be correct on non-English machines.
• Some of the HTTP requests coming from the agent didn't have an explicit timeout set. This could potentially lead to hanging requests. This has been addressed and all HTTP requests have a timeout.
• We now prevent a role from being deleted while it has active user invites associated with it.
• A bug popped up in a recent release that caused the toast message shown after taking an action on a single device to incorrectly show the count of all devices that matched the current search. The message now properly reflects the action.
• We fixed a bug that caused the process and services sidebar in a remote control session to appear blank until it was collapsed and reopened. Now it should always show content the first time.

To help users leverage Level's powerful new Security Score, we have added a column to the device list that displays the Security Score at a glance for each device. This column can be sorted to quickly identify the devices with the highest risk, allowing users to prioritize which devices need to be addressed first and to get all of their devices in a safe and compliant state.

• Security score can be negatively impacted by the age of available updates on a device. To help identify these older updates, we've added a column to the update list that shows an update's age with warning indicators as they get older.
• Running an end-of-life operating system version can be the source of many security vulnerabilities. Level now detects these versions and draws attention to them through the security score. Windows and macOS only for now. Linux distros coming soon.

• Fixed a bug that prevented a device's memory from being shown when the "location" was empty.
• The "Total CPU Usage" on the process manager wasn't properly dividing the usage by the number of cores. Now it should be more accurate.
• We had a bug that sometimes caused team invites to show "This invite is expired". The invite would still work but it caused a lot of confusion. This warning should now only show when the invite is actually expired.
• Each script execution returns an exit code that is supposed to be shown when you hover over the "Error" status. A recent bug turned off the hover effect but it's been restored.

The security of your devices is important. We understand this as much as anyone. With the rising number of malicious cyber threats and attacks, it's more important than ever to keep your devices secure. We think we've got you covered.

We're absolutely thrilled to introduce a new tool to your endpoint management arsenal: Security Score. This powerful addition analyzes your device's security-related features and processes them through a unique scoring algorithm. It takes into account a range of factors, such as the state of your device's firewall, the presence of antivirus software, the number of administrator accounts, and many other metrics.

With Security Score, you get an instant snapshot of your device's current level of risk. Plus, you'll receive a bird's eye view of the steps you can take to improve your device's security. Whether it's installing antivirus or improving your device's internet settings, we'll provide you with clear and concise recommendations to help you stay protected.

Checking your device's Security Score is as easy as viewing your device's overview page. No matter what operating system you are working with, you will receive a breakdown of the key security score metrics, allowing you to assess your security issues and lower your risk.

• Each device now has its own dedicated "Notes" field.
• Run a patch policy immediately by hitting the "Run policy now" button on the patch policy page.
• We now report on the disk encryption status of Linux partitions.

• Fixed a bug that could cause an agent to become hung if it received an "unauthorized" response from our API servers during its initial boot.
• In some cases, running an uptime monitoring tool alongside Level was causing a lower "Reachability" percentage as ping packets were being intercepted. We've updated our packet tracking code.
• The process manager on macOS was missing some user-owned processes. These have been added.

• We've added more "rerun" options to jobs. You can now easily rerun other scripts on the same group of devices.
• Devices can now be patched in bulk. You can install all available updates on one or more devices right from the device list.
• You can now export the results of a job to a CSV.
• Script executions will no longer time out if they are attempted on a device that doesn't have the specified shell. The device now reports "shell not found" as part of the stderr output.

• We now show disks and partitions for Linux devices using LVM.
• On macOS, it was possible for the Level user service to get into a state that the system agent didn't know how to handle. This could cause remote control to fail. We now recognize this failure state and recover the user service.
• A corrupted database could cause the agent to get stuck in a panic -> restart loop. The agent now recreates the database if it recognizes that it's been corrupted.
• Fixed a bug on the permissions page where granting permissions could sometimes cause the displayed role to change.
• Editing a monitor would sometimes incorrectly show that it had no remediation script. We went ahead and remediated the remediation script bug.
• During a previous release, we introduced a bug that could cause Level to orphan some processes during remote control. This is now fixed.
• Fixed a bug with disk reporting that caused us to miss partitions when there were multiple on the same drive.
• We found a bug with our uptime percent calculation that could cause some devices to show up to 3% lower than they should have been. Getting 100% uptime was rare before, it should be common now.
• Creating and selecting many new tags on the device overview page could cause some of those tags to appear as unselected. This should now work as expected.
• Some Mac silicon machines were having a timeout while initializing remote control. We still need to get to the bottom of what's causing the delay but, for now, we've extended the timeout so that they may connect.
• Trying to use caps lock during remote control was causing a fight between the local state and the remote state. The fix was to stop sending caps lock to the remote machine, now we just send the capitalized characters.
• "Process" and "Service" links now work from the device list right-click shortcut.

• Minimized RDP sessions do not draw a GUI, so streaming those sessions is impossible. The agent can now detect a GUI-less session and show a helpful message.
• We've greatly improved the support capabilities of the Level agent. It can now give us much more detailed information about any problems you might encounter. We hope you don't ever need it but if you do, we will be able to diagnose issues faster.
• Labels for network interfaces are no longer the generic "Interface 1" through "Interface 10". The label now corresponds to the interface names from the machine ("en0", "loopback", etc).
• We've added proper sorting for the CPUs, memory, disks, disk partitions, and network interfaces of a device.
• You can now turn on/off maintenance mode for many devices at once from the device listing.
• Level now visually identifies the primary partition for each device. Combined with the existing encryption status for each partition, you can see if your device is protected by BitLocker or FileVault. More to come on this soon...

• The Linux agent will no longer report "wtmp" as the last logged-in user.
• Installing the agent on Apple Silicon machines sometimes caused a launchctl error to be displayed. The install still worked but the message made it seem like it hadn't. This error should no longer occur.
• Fixed a parsing bug that caused the "os install date" to be displayed incorrectly on Mac and Linux devices.
• Leaving a Level tab open for a few hours sometimes caused the WebSocket connection to disconnect. This would prevent future remote management sessions from working until the tab was refreshed. We now take care to keep the socket running for as long as the tab is open.
• Fixed a bug that caused the partition usage percentage to be displayed incorrectly when the size identifiers were mixed (example: 3 GB free on a 10 TB drive).
• Greek language Windows devices were displayed with a Linux icon. We've updated the icon to use more reliable methods of determining the OS so this shouldn't be a problem for other languages in the future.
• Fixed a bug that was preventing the "GB free" disk monitor from working.
• Removed "synthetic disks" from the disk partition listing on macOS devices.
• The device overview now maintains its proper width on smaller displays.
• The reachability graph should no longer grow beyond its bounds.

The device list has been made bigger and better, in every sense of the word. The list now occupies the entire width of your browser window, giving you the freedom to show as many or as few columns of information as you would like. And now with more columns of information available to be displayed upfront, it's a better time than ever to take advantage of your full screen real estate. Tailor the information you see that matters most to your specific daily workflow.

Along with an overhaul of the device list, we felt it time the device overview itself received a new look. Along with much more detailed device information, we went ahead and improved device navigation, making it easy to access the most important pages and tools. See priority updates and active alerts at a glance, and quickly view up-to-the-minute device health information. We also added the ability to quickly access remote access tools directly from the page header, giving you quick access to endpoints that need a more hands-on approach.

Along with the device view overhaul, Level now gathers more detailed information about all your endpoints via the new System tab. A wealth of operating system and hardware information has been collected, allowing a much deeper look into each of your endpoints. We've also broke down disk information more granularly, allowing you to see individual partitions and their occupied and remaining space. We remain committed to delivering the most important information about your endpoints without the need to remotely access them directly.

We’ve added session selection to remote control on Windows. Previously, you were only able to join the Console session. You can now freely switch between Console and active RDP sessions as needed. This is especially handy for organizations that have their end-users connect to virtual machines through RDP. Now they can hop into these sessions to provide better support.

• Reduced remote control connection time by 2-3 seconds, allowing for the faster access to your devices
• Added a "watchdog" process to Windows. The process assists the Windows Service Manager in keeping the Level service running, even when the unexpected happens.

• Some processes could have missing info when the process list first loads. This information is now populated more quickly.
• Ensure that "reboot required" is properly set on Windows.
• On macOS, some key combinations weren't working on international keyboards.
• Correctly display a service status even if it is in an unexpected format.
• Some key combinations could lead to an agent crash during remote control on macOS. We have reworked a lot of the input handling code.
• Fixed a bug that could cause the macOS login screen to not be streamable after a reboot.
• Fixed a Linux bug could lead to dpkg being in a bad state after an install that required a machine reboot.
• Resolved a bug that prevented Level from streaming a high dpi display when the device had mixed dpi displays.
• We now prevent users from suspending themselves. 😅
• It was possible for a "managed" session to get out of sync and remain in the UI even after the session has ended. Added a timeout and monitor that will clean these up after a couple of minutes with no activity.
• Reducing a device's resolution during a remote control session could lead to mouse offset until the page was refreshed. We now properly recalculate the mouse coordinates.
• Moving a device into a subgroup while in the parent group caused a loading spinner that spun forever. Removed the loading spinner when the device wasn't going anywhere.
• Changed "Last Seen At" to show "Now" for online devices. Previously it was showing a specific timestamp, that's not accurate because we have a constant socket open to online machines.

• Support for alerting in Linux has been added for the following file systems:
  • zfs
  • xfs
  • btrfs
  • reiserfs
• Support for navigating files in Linux has been added for the following file systems:
  • zfs
  • xfs
  • btrfs
  • reiserfs
• Support for logging has been added for Windows update jobs.
• Our application size is now up to 30 MB smaller due to a smarter handling of dependencies.
• We are now using osquery to retrieve detailed system information. Stay tuned for more.

• Fixed an issue with macOS where system updates would fail on Ventura.
• Fixed an issue with macOS where, on some machines, the agent would attempt to stream the wrong device.
• Fixed an issue where the file explorer would crash if no valid partitions were found.

Linux patch management is now available, empowering you to manage security, kernel, and package updates through patch policies or directly on individual Linux endpoints. Ensuring your machine always has the latest security patches can now be done swiftly and completely hands-free. With patch policies, you have automated, granular, and audited control over your system's updates.

Level currently supports apt and yum based systems, with plans to extend this to package managers like pacman, dnf, zypper and more!

Keep the devices you control secure by requiring two-factor authentication (2FA) for you and your entire team. Administrators can access the ability to require two-factor authentication from their account settings, adding an extra layer of security to team member's accounts and ultimately making it more difficult for malicious actors to gain access to the endpoints you manage. Administrators have also been given the ability to reset a user's two-factor authentication if a situation occurs in which it is necessary.

• Improved the network load of patch installations with an up-to 10x reduction in communication between the Level agent and API.
• Improved the network load of patch installations with an up-to 10x reduction in communication between the Level agent and API.
• New sortable columns have been added to the device list: last reboot, first seen, and last seen.

• Dragging windows when remote controlling a macOS device now works correctly.
• Fixed an issue where keyboard input was failing during remote control in some use cases.
• Leading and trailing whitespace in the IP allowlist no longer prevent the IP from being allowed

Support for macOS has officially moved out of beta, and with it comes the ability to manage updates. Updates for macOS can be manually managed from your individual macOS endpoints, or they can be assigned to your patch policies with the same scheduling and delay capabilities that exist with other operating systems. No matter the distance between you and your macOS devices, you can be rest assured they stay compliant and secure.

Staying up-to-date on your macOS endpoints and their health is important, and the ability to remedy them remotely through the Level interface. For those instances where you need to access them directly, we've now implemented Level's fast and reliable remote access capabilities for macOS devices. Level's innovative, secure, and fully-encrypted streaming allows you to control your macOS endpoints remotely with clarity and responsiveness.

Improve the security of the endpoints you manage by utilizing an IP allowlist. Restrict access to who can see the endpoints under your authority by enabling and disabling a specified IP address or a range of IP addresses. This is an administrator-level feature and is applied to your entire team through your organization's settings.

We've beefed up your scheduling capabilities with support for monthly scheduling. In contrast to weekly scheduling, monthly allows you to setup your policies to run at different intervals throughout a month. Whether you prefer every other week or even just once a month, you can be certain that you'll be able to put together an update schedule that works best for the endpoints you manage.

• Added international keyboard support for non-US keyboard layouts. 🌍

We've bolstered your ability to select the devices you've searched for by introducing multi-page selections. Simply enter your search parameters, add your filters, and select all of the devices that meet your search criteria across multiple pages. Never has it been easier to organize and tag devices, mass restart machines, or even run scripts across your entire selection.

We've implemented the ability to export your device list in CSV format, allowing users to build their own reports and audits. Select the device group and filters that you wish to export, whether it be all devices or a custom device group, and simply click Export to CSV to build your file. All data points of each device in the list will be exported in the CSV, even columns that are not currently visible.

• All policies now impacting a device can be seen from the policy page in the device overview.

• Fixed an issue with searching that caused less relevant results to appear first.
• Fixed an issue with bash scripts where improper line endings were allowed in scripts.

We've updated our device list with a brand new coat of paint! We've given users even more control with the addition of a brand new table, allowing for full column customization so you can pick and choose the information that is most relevant to you. We've also made sure our tags system was made front and center, allowing you to control your devices in a powerful and dynamic way. Quickly take control of your devices when necessary, and keep a watchful eye on any outstanding patches or ongoing alerts, all displayed front and center from the device list.

We've added documentation to our ever-growing and well-loved support channels. While we take pride that Level is simple and easy-to-use, sometimes a quick look at how to accomplish a specific task or tips on how to best utilize tags and policies is a welcome addition to any application. With detailed breakdowns and video walkthroughs for most major tasks in our application, we believe you'll find any answer you are looking for in our documentation.

• Alerting now has more accurate disk usage alerts.
• Disk partitions across all platforms have improved alerting, file exploring, and system metrics.
• Improved streaming robustness with Windows by now being able to adapt to unconventional environments (i.e. machines running other RMMs or management solutions).
• Windows now has better support for responding to display changes mid-stream.
• macOS process listing is faster and more reliable.

• Fixed a mouse control issue in multi-monitor setups.
• Fixed an issue when creating notifications for users would leave behind a zombie process.
• Fixed an issue in Windows where some machines could not retreive update history.
• Fixed i18n issues with Windows that led some to a degraded streaming experience.
• Fixed a bug in Windows with session enumeration.
• Fixed race conditions in Windows where several stream restarts might happen at the start of a stream session.
• Fixed an issue with macOS where input key combinations weren't handled properly.

Patch management has arrived! One of the most important IT tasks in any organization, patch policies insure that your endpoints and most important organizaton data are safe from serious security risks. Reduce system-related failures and save on costs associated with poor patch management by utilizing our unique tag-based system, our advanced scheduling system, and even the ability to schedule patch installations for offline devices.

With Level's patch management system, you can control device updates on a global level, or choose to install updates on an individual device. Users can view pending updates, choose which updates to download and install manually, and even get the full update history for the life of a device. Currently, Windows is the only support we offer, but expect to see MacOS and Linux support following shortly thereafter.

• An indicator has been added to show which side of a remote connection is connected peer-to-peer versus relay.
• Improved table paging, sorting, and searching response time.
• Improved the accuracy of our disk usage alerting on both Windows and MacOS.

• Fixed an integration issue with the Windows service manager that was affecting some of our users.
• Removed the dependency for winmgmt for our Windows implementation.
• Fixed an integration issue with launchd on MacOS where sometimes the service manager would have issues interacting with a service.

Firefox users rejoice! We firmly believe in the power of being able to access your devices from anywhere, in any browser. Firefox users make up a substantial percentage of browsers used, so we made sure to add support across our entire application to accommodate. We think we look pretty good running with our independent browser friends!

Our world-class security and privacy doesn't just extend to the techs using our app. Now end-users on a device will be informed when a tech from your team has begun a remote access session on the device. We believe it is important to make both users of Level and end-users receiving aid feel comfortable with our product.

• Alerts can now be set to trigger immediately when a threshold has been met.
• Remote access clipboard functionality has been improved.
• Active device groups have been made visually more distinctive.

• Fixed an issue where monitors were not sorting properly.
• Fixed disk usage calculation on Macs.

We've added monitoring policies to the Level toolset. Be informed of the status of your devices when you need to be by setting up robust monitoring policies. Using the power of our tagging system, structure and organize policies that work best for you and your team. Policies can be setup to track some of the most critical device health measurements, including CPU usage, memory usage, processes and services, and more.

Once in place, alerts will start to process when a monitor has reached a threshold breach for a duration you specify. This allows you and your team to act quickly, troubleshooting your critical devices as the need arises and staying informed without the need to dig into every machine's details. Talk about a time-saver.

• Clipboard functionality has been improved and support for large volumes of text have been added.
• Process management has been expanded to include the process display names and memory usage in MBs. Improvements have been made to the CPU usage calculations and more intelligent methods of enumerating processes in general.
• Support has been added to remote control for screen savers, now fluidly handled by the agent during a session.

• Fixed an issue with process management in which processes weren't being ended correctly.
• The Level agent will now rotate logs to ensure they don't consume too much disk space.

You can now manage processes running on your endpoints without the need to remote control them. Review CPU and memory usage of your individual processes with live, up-to-date details. View running processes, search for specific processes, and terminate processes—all from behind the scenes.

What would process management be without service management? Manage services completely without disrupting your end-users. View running and stopped services, search for a specific service to manage, and start, stop, or restart any service as needed. You can even change the startup type as needed.

Being able to manage processes and services through the app is a great experience, but we didn't stop there. Sometimes these actions need to be done while actively controlling a device, and we've made that easy too. Use the quick access sidebar while remote controlling your endpoints to take decisive action on processes and services without disrupting the end-user.

• Tables have been improved. Sorting data is easier than ever, and the ability to rearrange and resize your columns puts you in control. Curently used in the new processes and services management, expect all tables to receive the same treatment over time.
• The Manage page for a device has been split out to make the various management functions quickly accessible from anywhere on a device's overview page.
• Various performance enchantments made across the app and agent... and no, that's not a typo. +3 stamina to all endpoints. 🧙‍♂️

• The installation process has been made more robust, preventing failed or half-way installs.
• Fixed an issue where the agent could get in a bad state that blocked program updates.