InsightVM Cloud and Console Plugins

InsightConnect integrates with two InsightVM interfaces: the Insight Cloud and the Security Console. The InsightVM Cloud Plugin uses the InsightVM Cloud API and the InsightVM Integrations API, where the InsightVM Console Plugin uses the InsightVM v3 API.

The InsightVM Cloud Plugin generally supports:

Jump to InsightVM Cloud plugin connection configuration.

The InsightVM Console Plugin supports most all functionality available on the security console, including:

  • Site configuration, site management, site-based scanning, and scan data retrieval
  • Asset search, asset tag management, asset group management, and asset vulnerability and remediation data retrieval
  • Vulnerability exception management

Jump to InsightVM Console plugin connection configuration.

Complete list of InsightVM Plugin Actions

To see all available actions with the InsightVM plugins, see the Actions and Triggers in the Documentation tab of the Extension Library listings for the InsightVM Cloud and InsightVM Console plugins.

InsightVM Cloud Plugin Connection Configuration

The InsightVM Cloud plugin requires:

To create an InsightVM Cloud Plugin connection:

  • From InsightConnect's home page, navigate to Settings > Plugins & Tools > Connections, click Add Connection, and select the Rapid7 InsightVM Cloud plugin from the Plugins list
  • From the workflow builder, add an action step, select the plugin, select an action, and click Add a New Connection in the Choose a Connection step
  • From the workflow import wizard, click Add a New Connection in the Configure Details step for the plugin

Once you've reached the connection configuration screen:

  1. Name the connection
  2. Choose an Orchestrator that can communicate with the InsightVM Cloud API (https://.api.insight.rapid7.com/vm//)
  3. Create a new credential, name the credential, and enter your Insight User API Key (alternatively, select an existing credential)
  4. Select your region (in most cases, your InsightVM region will match your InsightConnect region and can be checked in your browser URL)
  5. Click Save and check your connection to confirm it succeeds

InsightVM Console Plugin Connection Configuration

The InsightVM Console plugin requires:

  • The username and password for an InsightVM console account
  • The URL of your InsightVM Console (e.g., https://consoleserver.acme.com:3780)

User Account Privileges and Logging

Remember your InsightConnect connection to InsightVM will inherit all privileges of the InsightVM Console user account configured in the connection. Use of the least privilege model is recommended. All actions taken by this account will be logged according to your logging configuration in InsightVM.

To create an InsightVM Console Plugin connection:

  • From InsightConnect's home page, navigate to Settings > Plugins & Tools > Connections, click Add Connection, and select the Rapid7 InsightVM Console plugin from the Plugins list
  • From the workflow builder, add an action step, select the plugin, select an action, and click Add a New Connection in the Choose a Connection step
  • From the workflow import wizard, click Add a New Connection in the Configure Details step for the plugin

Once you've reached the connection configuration screen:

  1. Name the connection
  2. Choose an Orchestrator that can communicate with the InsightVM Console
  3. Create a new credential, name the credential, and enter your InsightVM account username and password (alternatively, select an existing credential)
  4. Enter your InsightVM console URL (eg, https://consoleserver.acme.com:3780)
  5. Click Save and check your connection to confirm it succeeds

Troubleshooting

The most common issue with InsightVM Console connections is connectivity between the Orchestrator and the InsightVM Console. Check your connection test for a network timeout error (eg, Connectivity test to InsightVM Console failed: No response received). This may indicate network connectivity issues between your InsightConnect Orchestrator and InsightVM Console. Work with a network administrator to establish connectivity.