Agent Attributes for InsightVM
You can configure each of your Insight Agents with custom attributes that InsightVM will import as asset tags. This attribute functionality allows you to label and group your deployed agents in InsightVM in ways that are meaningful to your organization. Attribute configuration and assignment can take place either during an Insight Agent command line installation or at a later time by modifying the attributes.json
file in each agent installation directory.
Attribute character requirements
Your custom attributes can contain the following characters:
- Upper and lowercase alphabetical characters
(A-Z, a-z)
- Numbers
(0-9)
- Underscores
_
- Dashes
-
- Equal signs
=
How to configure attributes during an Insight Agent installation
Command line installation required
Attribute configuration and assignment during Insight Agent installations is only supported with the command line installation method.
If you want to configure and assign attributes to Insight Agents at install time, you can do so by modifying the standard installation command with the additional formatting shown in the following operating system examples. If you want to specify multiple attributes at the same time, separate each attribute name with a comma.
Mac and Linux
For Mac and Linux assets, modify the standard configuration command with the --attributes
option. List your attributes inside the quotation marks:
1sudo ./configure_agent.sh --attributes "attribute1,attribute2,attribute3,attribute4"
Windows
For Windows assets, modify the standard install command with the CUSTOMATTRIBUTES
option. Substitute <installerType>
with x86_64
for most Windows architectures or arm64
for Windows ARM64 and list your attributes inside the quotation marks:
1msiexec /i agentinstaller-<installerType>.msi CUSTOMATTRIBUTES="attribute1,attribute2,attribute3,attribute4"
How to configure attributes using attributes.json
You can also configure and assign new attributes or update existing attribute associations for an asset by modifying its attributes.json
file in the Insight Agent installation directory. The Insight Agent installer creates this file for you automatically if you elect to assign attributes during the initial installation. By default, this file is placed in the following locations according to the asset's operating system:
- Mac and Linux -
/opt/rapid7/ir_agent/components/insight_agent/common/attributes.json
- Windows -
C:\Program Files\Rapid7\Insight Agent\components\insight_agent\common\attributes.json
What if my Insight Agent installation directory doesn't have this file?
If you didn't configure any attributes during the installation phase described earlier, you are free to create the attributes.json
manually and fill in any attributes as needed. Take care to place the file in the correct directory according to your asset's operating system or InsightVM will not be able to import the attributes defined by the file.
Attribute update characteristics
InsightVM will take action on updates in attributes.json
as necessary whenever the Insight Agent sends assessment data to the Insight Platform according to its normal communication schedule:
- If new attributes are defined in
attributes.json
, InsightVM will import these as new tags and associate them with the asset. - If previously defined attributes are removed from
attributes.json
, InsightVM will disassociate the corresponding tags from the asset.- InsightVM will never delete asset tags from the Security Console in response to changes in
attributes.json
. If you wish to delete asset tags entirely, you must do so manually.
- InsightVM will never delete asset tags from the Security Console in response to changes in
Example attributes.json structure
The following example shows how each of your attributes.json
files must be formatted:
json
1{2"attributes": "attribute1,attribute2,attribute3,attribute4"3}
Note that multiple attributes are separated with commas in the same manner as the command line installation method.
What if my attributes.json file has a "version" key in it?
attributes.json
file that were generated during the installation of the Insight Agent include a version
key with a baseline value. This key-value pair is not used during an InsightVM import process, so feel free to ignore it.