Links

Rapid7 InsightIDR Integration

The Universal Webhook Data Exporter allows you to integrate Rapid7 Platform products with Binalyze AIR to respond in a specified way when events trigger on the Rapid7 Platform.
Step 1 - Creating A webhook for Rapid7 InsightIDR
  • Visit the Webhooks page in Binalyze AIR,
  • Click the "+ New Webhook" button in the upper right corner,
  • Provide a self-explanatory name,
  • Select "Rapid7 InsightIDR Webhook Parser" as the parser for this webhook,
  • Select an Acquisition Profile when the trigger activates this webhook,
  • Select the Ignore option or leave with its default value (defaults to 24 hours for recurrent alerts for a single endpoint),
  • Provide other settings such as Evidence Repository, CPU Limit, Compression & Encryption to use or let AIR configure them automatically based on the matching policy
  • Click the "Save" button.
Step 2: Create Triggers for InsightIDR
  • From your dashboard, select Data Collection on the left-hand menu.
  • When the Data Collection page appears, click the Setup Event Source dropdown and choose Add Event Source.
  • From the “Security Data” section, click the Data Exporter icon. The “Add Event Source” panel appears.
  • Choose your collector and event source. You can also name your event source if you want.
  • Provide the URL that you previously configured.