Integrate InsightVM Rapid7 security alerts

Eli · September 2023

Hey everyone, has anyone helped integrate InsightVM Rapid7 security alerts via a postgre database connection or through another way?

Raanan Dagan · September 2023

I have not tried this specific use case, but Cribl 4.1 added postgres as a database option. I hope that can help

JP Bourget · September 2023

I thought there is an API for pulling Alerts from InsightVM

Eli · September 2023

Would that be applicable if the InsightVM was on-prem instead of in the Cloud?

JP Bourget · September 2023

don't see why not

Eli · September 2023

I'll take a look at this. Thank you. <@U01Q3CZ5ABU> and <@U01J549PR6Y>

JP Bourget · September 2023

If I recall correctly, I think last time I did this (2019 or so) I created a report then pulled versions of a report to get new "findings"

JP Bourget · September 2023

which I assume is what you mean by alerts

JP Bourget · September 2023

it can get complicated quickly

Eli · September 2023

I'll have to verify with the customer on this.

JP Bourget · September 2023

Find out how they define a security alert.

Answers