Integrate InsightVM Rapid7 security alerts

Eli

Hey everyone, has anyone helped integrate InsightVM Rapid7 security alerts via a postgre database connection or through another way?

Raanan Dagan

I have not tried this specific use case, but Cribl 4.1 added postgres as a database option. I hope that can help

JP Bourget

I thought there is an API for pulling Alerts from InsightVM

Eli

Would that be applicable if the InsightVM was on-prem instead of in the Cloud?

JP Bourget

don't see why not

Eli

I'll take a look at this. Thank you. <@U01Q3CZ5ABU&gt; and <@U01J549PR6Y&gt;

JP Bourget

If I recall correctly, I think last time I did this (2019 or so) I created a report then pulled versions of a report to get new "findings"

JP Bourget

which I assume is what you mean by alerts

JP Bourget

it can get complicated quickly

Eli

I'll have to verify with the customer on this.

JP Bourget

Find out how they define a security alert.