Difference between revisions of "Rapid7 InsightVM"
Jump to navigation
Jump to search
| Line 65: | Line 65: | ||
* <code>Asset</code> '''(MANDATORY)''' - The IP or Name of the Asset to scan; | * <code>Asset</code> '''(MANDATORY)''' - The IP or Name of the Asset to scan; | ||
* <code>TemplateID</code> '''(MANDATORY)''' - The identifier of the scan template; | * <code>TemplateID</code> '''(MANDATORY)''' - The identifier of the scan template; | ||
| − | * <code>Name</code> - The user-driven scan name for the scan | + | * <code>Name</code> - The user-driven scan name for the scan. |
====Output Parameters==== | ====Output Parameters==== | ||
| Line 102: | Line 102: | ||
* <code>vModerate</code> - The number of Moderate Vulnerabilities detected by the Scan; | * <code>vModerate</code> - The number of Moderate Vulnerabilities detected by the Scan; | ||
* <code>vSevere</code> - The number of Severe Vulnerabilities detected by the Scan; | * <code>vSevere</code> - The number of Severe Vulnerabilities detected by the Scan; | ||
| − | * <code>vTotal</code> - The total number of Vulnerabilities detected by the Scan | + | * <code>vTotal</code> - The total number of Vulnerabilities detected by the Scan. |
</div></div> | </div></div> | ||
| Line 120: | Line 120: | ||
* <code>IgnoreBadCerts</code> '''(MANDATORY)''' - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired; | * <code>IgnoreBadCerts</code> '''(MANDATORY)''' - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired; | ||
| − | * <code>HostName</code> - The HostName of the Asset to retrieve | + | * <code>HostName</code> - The HostName of the Asset to retrieve; |
* <code>IPAddress</code> - The IP Address of the Asset to retrieve. | * <code>IPAddress</code> - The IP Address of the Asset to retrieve. | ||
| Line 135: | Line 135: | ||
* <code>vModerate</code> - The number of Moderate Vulnerabilities on the Asset; | * <code>vModerate</code> - The number of Moderate Vulnerabilities on the Asset; | ||
* <code>vSevere</code> - The number of Severe Vulnerabilities on the Asset; | * <code>vSevere</code> - The number of Severe Vulnerabilities on the Asset; | ||
| − | * <code>vTotal</code> - The total number of Vulnerabilities on the Asset | + | * <code>vTotal</code> - The total number of Vulnerabilities on the Asset. |
</div></div> | </div></div> | ||
| + | <div class="mw-collapsible mw-collapsed" data-collapsetext="Show Less" data-expandtext="Read More" style="width:1050px"> | ||
| + | ===Create Tag=== | ||
| + | <div class="mw-collapsible-content"> | ||
| + | Creates a new Tag. See the [https://help.rapid7.com/insightvm/en-us/api/index.html#operation/createTag InsightVM operation documentation] for more information. | ||
| + | |||
| + | ====Extra Credentials==== | ||
| + | |||
| + | This operation requires an extra credential to be provided: | ||
| + | |||
| + | Credential Reference: credential1 | ||
| + | Credential Keysafe Key Type: Username + Password | ||
| + | |||
| + | ====Input Parameters==== | ||
| + | |||
| + | * <code>IgnoreBadCerts</code> '''(MANDATORY)''' - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired; | ||
| + | * <code>Color</code> - Color of the new Tag; | ||
| + | * <code>Name</code> '''(MANDATORY)''' - The Name of the new Tag; | ||
| + | * <code>RiskModifier</code> - The Risk Modifier value of the new Tag; | ||
| + | * <code>Type</code> '''(MANDATORY)''' - The Type of the new Tag. | ||
| + | |||
| + | ====Output Parameters==== | ||
| + | |||
| + | * <code>errors</code> - Any errors returned by the operation; | ||
| + | * <code>outcome</code> - Outcome of the operation. Can be OK or FAIL; | ||
| + | * <code>id</code> - The ID of the Tag. | ||
| + | </div></div> | ||
| + | |||
| + | <div class="mw-collapsible mw-collapsed" data-collapsetext="Show Less" data-expandtext="Read More" style="width:1050px"> | ||
| + | ===Add Asset Tag=== | ||
| + | <div class="mw-collapsible-content"> | ||
| + | Adds a Tag to an Asset. See the [https://help.rapid7.com/insightvm/en-us/api/index.html#operation/addAssetTag InsightVM operation documentation] for more information. | ||
| + | |||
| + | ====Extra Credentials==== | ||
| + | |||
| + | This operation requires an extra credential to be provided: | ||
| + | |||
| + | Credential Reference: credential1 | ||
| + | Credential Keysafe Key Type: Username + Password | ||
| + | |||
| + | ====Input Parameters==== | ||
| + | |||
| + | * <code>IgnoreBadCerts</code> '''(MANDATORY)''' - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired; | ||
| + | * <code>AssetID</code> '''(MANDATORY)''' - The ID of the Asset; | ||
| + | * <code>TagID</code> '''(MANDATORY)''' - The ID of the Tag. | ||
| + | |||
| + | ====Output Parameters==== | ||
| + | |||
| + | * <code>errors</code> - Any errors returned by the operation; | ||
| + | * <code>outcome</code> - Outcome of the operation. Can be OK or FAIL; | ||
| + | </div></div> | ||
[[Category:ITOM]] | [[Category:ITOM]] | ||
Revision as of 12:24, 8 April 2020
| Home > Administration > IT Operations Management > ITOM Package Library > Hyper-V | Index |
IntroductionThe Rapid7 InsightVM package for Hornbill's IT Operations Management (ITOM) contains operations to automate vulnerability management operations within Rapid7 InsightVM deployments. |
|
Target Environment Requirements
Script Execution Machine Requirements
- If the script execution policy on the machine executing these operations is set to Restricted, then this will need to be updated to something less restrictive. See the PowerShell Documentation for more information.
KeySafe Configuration
When creating SIS jobs for operations contained within this package, they need to be run on the target machine as a user who has the correct privileges within your environment, and will require an additional KeySafe Key to hold the account credentials to connect to InsightVM.
To configure your Target Machine account authentication in KeySafe:
- In the Admin console, navigate to: System > Security > KeySafe;
- Click on + then select
Username + Password; - Give the KeySafe Key a Title (this is the name/identifier for the target machine account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Business Process or Runbook);
- Optionally add a description;
- Populate the Username field with the domain/local account username for the account being used on the target machine;
- Populate the Password field with the password for the above account;
- Select Create Key to save.
To configure your InsightVM account authentication in KeySafe:
- In the Admin console, navigate to: System > Security > KeySafe;
- Click on + then select
Username + Password; - Give the KeySafe Key a Title (this is the name/identifier for the target machine account as you will see it when creating an IT Automation Job, or adding an IT Automation node to a Business Process or Runbook);
- Optionally add a description;
- Populate the Username field with the Username of the InsightVM account that ITOM will use to perform the operations;
- Populate the Password field with the password for the above account;
- Endpoint - this should be populated with the API Endpoint for your Rapid7 InsightVM deployment. For example: https://{your.insightvm.hostname}:3780 where {your.insightvm.hostname} should be replaced by the host domain of the InsightVM server, and 3780 is the default port for making API calls to the server;
- Select Create Key to save.
Package Operations
The Rapid7 InsightVM package contains the following operations, than can be used to create ITOM Jobs directly, or included in your Business Processes and/or IT Operations Management Rubooks.
Start Scan
Starts a Scan against a Host on a Site. See the InsightVM operation documentation for more information.
Extra Credentials
This operation requires an extra credential to be provided:
Credential Reference: credential1 Credential Keysafe Key Type: Username + Password
Input Parameters
IgnoreBadCerts(MANDATORY) - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired;SiteID(MANDATORY) - The ID of the Site to initiate the scan against;EngineID(MANDATORY) - The identifier of the scan engine;Asset(MANDATORY) - The IP or Name of the Asset to scan;TemplateID(MANDATORY) - The identifier of the scan template;Name- The user-driven scan name for the scan.
Output Parameters
errors- Any errors returned by the operation;outcome- Outcome of the operation. Can be OK or FAIL;id- The ID of the Scan.
Get Scan Details
Retrives information about a scan. See the InsightVM operation documentation for more information.
Extra Credentials
This operation requires an extra credential to be provided:
Credential Reference: credential1 Credential Keysafe Key Type: Username + Password
Input Parameters
IgnoreBadCerts(MANDATORY) - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired;ScanID(MANDATORY) - The ID of the Scan to retrieve.
Output Parameters
errors- Any errors returned by the operation;outcome- Outcome of the operation. Can be OK or FAIL;id- The ID of the Scan;startTime- The start date and time of the Scan;endTime- The end date and time of the Scan;status- The status of the Scan;vCritical- The number of Critial Vulnerabilities detected by the Scan;vModerate- The number of Moderate Vulnerabilities detected by the Scan;vSevere- The number of Severe Vulnerabilities detected by the Scan;vTotal- The total number of Vulnerabilities detected by the Scan.
Get Asset Details
Retrives information about an asset, when supplied the assets HostName or IP Address. If values for both are provided then the HostName will be used. See the InsightVM operation documentation for more information.
Extra Credentials
This operation requires an extra credential to be provided:
Credential Reference: credential1 Credential Keysafe Key Type: Username + Password
Input Parameters
IgnoreBadCerts(MANDATORY) - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired;HostName- The HostName of the Asset to retrieve;IPAddress- The IP Address of the Asset to retrieve.
Output Parameters
errors- Any errors returned by the operation;outcome- Outcome of the operation. Can be OK or FAIL;id- The ID of the Asset;ip- The IP Address of the Asset;hostName- The HostName of the Asset;riskScore- The Risk Score for the Asset;vCritical- The number of Critial Vulnerabilities on the Asset;vExploits- The number of Exploit Vulnerabilities on the Asset;vModerate- The number of Moderate Vulnerabilities on the Asset;vSevere- The number of Severe Vulnerabilities on the Asset;vTotal- The total number of Vulnerabilities on the Asset.
Create Tag
Creates a new Tag. See the InsightVM operation documentation for more information.
Extra Credentials
This operation requires an extra credential to be provided:
Credential Reference: credential1 Credential Keysafe Key Type: Username + Password
Input Parameters
IgnoreBadCerts(MANDATORY) - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired;Color- Color of the new Tag;Name(MANDATORY) - The Name of the new Tag;RiskModifier- The Risk Modifier value of the new Tag;Type(MANDATORY) - The Type of the new Tag.
Output Parameters
errors- Any errors returned by the operation;outcome- Outcome of the operation. Can be OK or FAIL;id- The ID of the Tag.
Add Asset Tag
Adds a Tag to an Asset. See the InsightVM operation documentation for more information.
Extra Credentials
This operation requires an extra credential to be provided:
Credential Reference: credential1 Credential Keysafe Key Type: Username + Password
Input Parameters
IgnoreBadCerts(MANDATORY) - When set to true, the IgnoreBadCerts input parameter will allow the operation to function even if the SSL certificate on your InsightVM deployment is self-certified or expired;AssetID(MANDATORY) - The ID of the Asset;TagID(MANDATORY) - The ID of the Tag.
Output Parameters
errors- Any errors returned by the operation;outcome- Outcome of the operation. Can be OK or FAIL;