Skip to main content
Sign in

Creating an extended integration for Rapid7 InsightVM assets

Caroline Maguire
  • April 07, 2022 16:13
  • Updated

Let Oomnitza be your single source of truth!

You'll get complete visibility of your assets as data from Rapid7 InsightVM is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Rapid7 InsightVM in minutes

Get the information and insights that you need to reduce costs and the time that you spend on administration tasks such as:

  • Configurable dashboards and list views of key asset and software information
  • Configurable reports to share information about assets and software with your colleagues and management such as corporate-wide reports that detail the distribution and status of the assets and software in your environment
  • Configurable workflows that you can easily create to automate tasks such as:
    • Assigning tags to assets
    • Getting asset tags and asset details
    • Deleting assets and asset tags

Navigation

small_blue_link.svgSetting your Rapid7 Subdomain as a global variable

small_blue_link.svgAdding the credentials

small_blue_link.svgCreating the asset integration

small_blue_link.svgCreating custom mappings

small_blue_link.svg Creating workflows

Creating asset workflows with the API block

Assign Tag to Asset

Delete Asset

Delete Tag from Asset

Get Asset Details

Get Asset Tags

Before you start

Best practice
For the integration with Oomnitza, create a dedicated user account.

To stream Rapid7 InsightVM asset and user data into Oomnitza, you must add your Rapid7 authentication credentials to the vault in Oomnitza. 

To create the integrations with Oomnitza, you need to know:

  • The email address of a Rapid7 user with administrator privileges
  • The Rapid7 port number and host name. If you don't know the Rapid7 port number and host name, contact Rapid7 Support. 

small_blue_link.svg For more information, see INSIGHTVM API (V3) 

Setting your Rapid7 API host name and port as a global variable

To save time entering information when you integrate Rapid7, you can add the API port number and API host name as global variables in Oomnitza.

  1. In Oomnitza, click Settings > Global Settings.
  2. Click Add new variable (+). 
  3. Enter Rapid7.Rapid7 API Port as the variable name.
  4. Enter the port number.
  5. Click SAVE.
  6. Repeat step 1 and 2.
  7. Enter Rapid7.Rapid7 API Host as the variable name.
  8.  Enter the host name.
  9. Click SAVE.

Adding the credentials

To authorize connections between Oomnitza and Rapid7, complete these steps:

  1. Log into Oomnitza.
  2. Click Settings > Credentials, and then click Add new credential (+).
  3. Add the information details.
  4. Click the AUTHORIZATION tab.
  5. As authorization type, ensure that Basic Auth is selected .
  6. Enter the email address of a Rapid7 user with administrator privileges.
  7. Enter a password.
  8. Click CREATE

You use the credentials that you added to create and customize your Rapid7 integrations with Oomnitza.

Creating the asset integration

To configure the integration for the Rapid7 Asset Load, complete the following steps:

  1. From the menu, select Settings.
  2. Click Integrations List View small_SettingsListView.svg.
  3. On the Integrations page, scroll down to the Extended section for Assets.
  4. Click NEW INTEGRATION.
  5. In the New Asset Integration sidebar, click Rapid7.
  6. To integrate Oomnitza with the Rapid7 Asset Load, click APPLY and then click NEXT twice.

On the connect page, complete the following steps to connect the integration:

  1. Enter a descriptive name for the integration such as Rapid7 Assets. That'll be the name of the integration that is shown on the Integrations page.
  2. Select Cloud as the installation type.
  3. From the Credentials list, select the credentials from the Oomnitza vault that you added for the connection.
  4. From the Integration Preferences list, select Create & Update
  5. Enter the name of the user of the integration.
  6. Enter the Rapid7 API host name. The format of the URL is https://<host>:<port>/api/3 . You enter the host part of the URL.
  7. Enter the Rapid7 API port number. The format of the URL is https://<host>:<port>/api/3 . You enter the number that is shown after the colon (:).
  8. Click Next.

Creating custom mappings

Map Rapid7 fields to Oomnitza fields to get the asset information that you need. For the field mapping, it is recommended to follow these steps:

  1. Click SMART MAPPINGS.
  2. You must create a custom mapping for the Rapid7 Id field. To do this, complete these steps:
    1. Click the down arrow on the Id field.
    2. Select Add new Oomnitza assets field.
    3. Change the name of the Id field to Rapid7 Device ID
    4. Click CREATE
  3. Create custom mappings to map any other field that you want to add to Oomnitza:
    1. Click the down arrow on the field that you want to map.
    2. Select Add new Oomnitza assets field.
    3. Change the name of the field.
    4. Click CREATE
  4. Assign a sync key to the Rapid7 Device ID field.
  5. Click NEXT

Tracking information for asset loads 

When the integration is run, you can track the name of the credentials that were used and the source of the data. To do this, you map the following fields to Oomnitza:   

  • Connect: Credentials
  • Connect: Rapid7 API Host
  • Connect: Rapid7 API Port

Custom mappings

Connector Sync Time
Fingerprint Product
Host Name
Id
Ip
Is Assessed For Policies
Is Assessed For Vulnerabilities
Mac
Os
Os Fingerprint Architecture
Os Fingerprint Cpe Edition
Os Fingerprint Cpe Language
Os Fingerprint Cpe Other
Os Fingerprint Cpe Part
Os Fingerprint Cpe Product
Os Fingerprint Cpe Sw Edition
Os Fingerprint Cpe Target HW
Os Fingerprint Cpe Target SW
Os Fingerprint Cpe Update
Os Fingerprint Cpe V2.2
Os Fingerprint Cpe V2.3
Os Fingerprint Cpe Vendor
Os Fingerprint Cpe Version
Os Fingerprint Description
Os Fingerprint Family
Os Fingerprint Id
Os Fingerprint System Name
Os Fingerprint Type
Os Fingerprint Vendor
Os Fingerprint Version
Raw Risk Score
Risk Score
Type
Vulnerabilities Critical
Vulnerabilities Exploits
Vulnerabilities Malware Kits
Vulnerabilities Moderate
Vulnerabilities Severe
Vulnerabilities Total

blue_link.svg Learn more about mapping

 

When you've completed mapping Rapid7 fields to Oomnitza fields, click NEXT.   

Schedule

By default, data is streamed to Oomnitza once every day.

You can configure the schedule to meet your needs such as changing the interval or changing the time so that the data is streamed when your system isn't busy.

  1. Configure your schedule.
  2. Click FINISH.

Result

A new tile is created for the integration on the Integrations page. 

What to do next

If you want to see what information is collected now, click the tile on the Integrations page and click RUN NOW.

If you want to change the integration settings, you can click a navigation link on the page, such as 4 Mappings, and edit the settings.

edit-integration.svg 

Tip
To view the information that is collected about your mobile assets, click Assets

Creating workflows

Creating asset workflows with the API block

To reduce your workload and automate complex and repetitive tasks, you can create workflows with the API block by following the steps in Creating asset workflows with the API blockTo locate the available presets, enter Rapid7 in the Select Preset search fieldSelect your preset of choice and for every preset enter the following information in the Configure section:

  • Your Rapid7 API host name and port number, which is derived from the global variable Rapid7.Rapid7 API Host and Rapid7.Rapid7 API Port that you configured in Setting your Rapid7 Subdomain as a global variable. Alternatively, you can enter this information manually.
  • You credentials, which you created in Adding the credentials.
  • The Rapid7 Tag ID. The Rapid7 Tag ID is assumed to be stored in the Rapid7 Device ID field that you created in Custom mappings. To manually modify the tag id, complete the following steps:
    1. Click the Advanced Mode button located in the upper right of the window.
    2. In the Information tab, replace the variable {{rapid7_device_id} in the URL field with the user id. 

The Rapid7 API block workflow comes with the following presets for assets:

Assign Tag to Asset
Delete Asset
Delete Tag from Asset
Get Asset Details
Get Asset Tags

Using the Rapid7 Assign Tag to Asset Preset

The Assign Tag to Asset preset  allows you to assign a tag to an asset.

For further information see Rapid7 REST API documentation: Tag Asset.

Using the Rapid7 Delete Asset Preset

The Delete Asset preset allows you to delete an asset. 

For further information see Rapid7 REST API documentation: Delete Asset.

Using the Rapid7 Delete Tag from Asset Preset

The Delete Tag from Asset preset allows you to delete a tag from an asset.

For further information see Rapid7 REST API documentation: Delete Asset Tag.

Using the Rapid7 Get Asset Details Preset

The Get Asset Details preset returns the details of an asset.

For further information see Rapid7 REST API documentation: Get Asset Details.

Using the Rapid7 Get Asset Tags Preset

The Get Asset Tags returns all tags on an asset.

For further information see Rapid7 REST API documentation: Get Asset Tags.

For further information on workflows see:
small_blue_link.svg Understanding workflows
small_blue_link.svg Workflow block overview

Unleash the power of Oomnitza

To get valuable actionable insights that help you manage your assets, learn how to:

      • Configure dashboards for your users and software
      • Configure custom reports about your users and software
      • Create workflows to automate tasks

See small_blue_link.svg Getting started for more information.

Did you know
You can also create extended connector integrations for Rapid7 Users.
small_blue_link.svg Creating an extended integration for Rapid7 users

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk