Integrate Vulnerability Management (InsightVM) with Rapid7 Agent (Insight Agent)
The Rapid7 Agent (Insight Agent) gives you endpoint visibility and detection by collecting live system information including basic asset identification information, running processes, and logs from your assets. The Agent then sends this data back to the Insight platform for analysis. As an Vulnerability Management (InsightVM) user you can force the Rapid7 Agent (Insight Agent) to be immediately assessed and integrated into Vulnerability Management (InsightVM). The Rapid7 Agent (Insight Agent) checks in with the Command Platform (Insight Platform) every 6 hours by default. If you do not want to wait for the next scheduled check-in and would prefer to check-in instantly, perform the following steps for any Windows, Mac or Linux asset:
Integration requirements
- Local administrative access to the Rapid7 Agent (Insight Agent) asset.
- Administrative access to the Vulnerability Management (InsightVM) Security Console.
Rapid7 Agent (Insight Agent) Immediate Check-in
- Stop the Rapid7 Agent (Insight Agent) service.
- Remove the
<install_dir>/config/agent.jobs.tem_realtime.json & <install_dir>/snapshots
directories. - Start the Rapid7 Agent (Insight Agent) service. You will need the Security Console to pull down the Agent assessment from the Command Platform (Insight Platform).
- Log in to the Security Console as an admin.
- On the Administration page, in the Console > Troubleshooting section, click Run commands.
- Execute the command “import agent-assets”.
- In the nsc.log file located at
<install_dir>/rapid7/nexpose/nsc/logs/nsc.log
, search for the Agent ID of the asset to confirm that it is being integrated into your database.