Quick Actions

Quick Actions are preconfigured automation actions you can run within InsightConnect to get the answers you need fast. You can leverage Quick Actions with no configuration required, without deploying an Orchestrator or creating a single Connection.

How to use Quick Actions

Quick Actions are available on the Quick Actions page, which can be found on the left hand navigation menu. Quick Actions that are available to run can be found on the Actions tab. To run a Quick Action, select the card of the Quick Action, provide the action input and click the Run button. Each action expects a certain input, such as an IP Address, Email Address, File Hash, Domain, Vulnerability, or some similar indicator.

Actions Tab

Available actions

Quick Actions currently supports the following actions:

  • Look Up IP Address with WHOIS
  • Look Up Domain with WHOIS
  • Look Up IP Address with Threat Crowd
  • Look Up Domain with Threat Crowd
  • Look Up File Hash with Threat Crowd
  • Look Up Email Address with Threat Crowd
  • Look Up Vulnerability with Rapid7 Vulnerability and Exploit Database
  • Look Up Exploit with Rapid7 Vulnerability and Exploit Database

Review Quick Action results

When your action completes, the results display within the Quick Action panel. If you want to take additional actions from here, simply copy any relevant data to your clipboard for use as input in your next action.

Quick Action Results

To view the results of previously run actions, navigate to the History tab of the Quick Actions page. From here, you can view a record of each action that has been run, the date and time of when it was run, the user who ran the action, and the status of the action. To see the inputs and outputs of the action, click the action name.

Quick Action History