
Rapid7 InsightVM (on-premises)

Rapid7 InsightVM provides visibility and risk prioritization for vulnerabilities found in local, remote, cloud, containerized, and virtual infrastructure. This connector is for the on-premises version of Rapid7 InsightVM, which uses version 3 of the InsightVM API.

Requirements

To use the Rapid7 Connector in Lucidum:

  1. Before configuring the Rapid7 connector in Lucidum, you must create a read-only account in Rapid7 that allows Lucidum to ingest information from Rapid7.

  2. You can then configure the Rapid7 connector in Lucidum and start ingesting data from Rapid7.

NOTE: Lucidum currently supports Rapid7 API Version 3, because Version 3 provides more detailed information than Version 4.

Create a Read-Only Account in Rapid7

To create read-only username and password credentials:

  1. Log in to the Rapid7 administrator panel with an administrator account.

  2. In the users panel, click Create to create a new account.

  3. From the General menu option, fill in the user details.

  4. If you have enabled Two Factor Authentication, generate a Two Factor Authentication token.

  5. Click the Roles menu option and select the User role.

  6. Click the Site Access menu option and select Allow this user to access all sites.

  7. Click the Asset Group Access menu option and select Allow this user to access all asset groups.

  8. Click Save and log in to the administrator panel. This will create the user.

To enable Two Factor Authentication:

  1. As a Global Administrator, go to the Administration tab.

  2. In the Global and Console Settings section, click the Administer link.

  3. Select Enable two-factor authentication.

Configuring the Rapid7 Connector

To configure Lucidum to ingest data from Rapid7:

  1. Log in to Lucidum.

  2. In the left pane, click Connector.

  3. In the Connector page, click Add Connector.

  4. Scroll until you find the Connector for Rapid7. Click Connect. The Settings page appears.

  5. In the Settings page, enter the following:

    • URL. The URL of the Rapid7 API. For example, https://lucidum02:3780/api/3/

    • Port. Optional. For cloud-hosted versions, the default value is 443. For on-premises versions, the default value is 3780.

    • User name. The user name for a user account that has read permission to fetch assets.

    • Password. The password for a user account that has read permission to fetch assets.

    • Token. Optional. For two-factor authentication only. If supplied, the Lucidum connector will use two-factor authentication when communicating with the Rapid7 InsightVM server.

  6. Verify SSL. For future use.

  7. To test the configuration, click Test.

    • If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.

    • If the connector is not configured correctly, Lucidum displays an error message.
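Before entering the credentials in Lucidum, you can confirm from a workstation that the read-only account reaches the version 3 API over HTTPS. The script below is an added example, not Lucidum or Rapid7 code. It assumes the v3 API accepts HTTP Basic authentication, takes the two-factor token in a `Token` header, and exposes a paged `/assets` collection; the account name, password and token are constructed values.

```python
import base64, io, json
import urllib.request
from urllib.parse import urlsplit


def build_request(base_url, username, password, token=None):
    """Build a GET for a single asset page from the version 3 API."""
    parts = urlsplit(base_url)
    if parts.scheme != "https":
        raise ValueError("refusing to send credentials over a non-HTTPS URL")
    if not parts.path.rstrip("/").endswith("/api/3"):
        raise ValueError("URL must end in /api/3/ (version 3 of the API)")
    # Assumption: /assets is a paged collection in API v3.
    url = base_url.rstrip("/") + "/assets?page=0&size=1"
    basic = base64.b64encode(f"{username}:{password}".encode()).decode()
    headers = {"Authorization": "Basic " + basic, "Accept": "application/json"}
    if token:
        # Assumption: the two-factor token travels in a "Token" header.
        headers["Token"] = token
    return urllib.request.Request(url, headers=headers, method="GET")


def count_visible_assets(req, opener=urllib.request.urlopen):
    """Send the request and return how many assets the account can read."""
    with opener(req, timeout=15) as resp:
        body = json.load(resp)
    return body["page"]["totalResources"]


if __name__ == "__main__":
    # Constructed values; the URL is the example from the Settings step.
    req = build_request("https://lucidum02:3780/api/3/", "lucidum-ro",
                        "example-password", token="123456")
    # Constructed response so the demo runs offline; drop `opener` to
    # query a real console (urlopen verifies the TLS certificate).
    fake = lambda r, timeout: io.BytesIO(
        b'{"resources": [], "page": {"totalResources": 42}}')
    print(req.full_url, count_visible_assets(req, opener=fake))
```

Against a real console, `urlopen` raises `urllib.error.HTTPError` when the login is rejected, and a count of 0 suggests the Site Access or Asset Group Access settings were not applied to the account.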

Source Documentation

Creating a Read-Only Account

https://docs.rapid7.com/insightvm/managing-users-and-authentication

Roles is User.

Site Access is Allow this user to access all sites.

Asset Group Access is Allow this user to access all asset groups.

API Documentation

https://help.rapid7.com/insightvm/en-us/api/index.html
