Hey everyone, has anyone helped integrate InsightVM Rapid7 security alerts via a Postgres database connection or through another way?
I have not tried this specific use case, but Cribl 4.1 added Postgres as a database option. I hope that can help.
I thought there is an API for pulling Alerts from InsightVM
Would that be applicable if the InsightVM was on-prem instead of in the Cloud?
don't see why not
I'll take a look at this. Thank you.
If I recall correctly, I think last time I did this (2019 or so) I created a report then pulled versions of a report to get new "findings"
which I assume is what you mean by alerts
it can get complicated quickly
I'll have to verify with the customer on this.
Find out how they define a security alert.