Rapid7 InsightIDR Integration
The Universal Webhook Data Exporter allows you to integrate Rapid7 Platform products with Binalyze AIR to respond in a specified way when events trigger on the Rapid7 Platform.
Step 1 - Creating A webhook for Rapid7 InsightIDR
- Visit the Webhooks page in Binalyze AIR,
- Click the "+ New Webhook" button in the upper right corner,
- Provide a self-explanatory name,
- Select "Rapid7 InsightIDR Webhook Parser" as the parser for this webhook,
- Select an Acquisition Profile when the trigger activates this webhook,
- Select the Ignore option or leave with its default value (defaults to 24 hours for recurrent alerts for a single endpoint),
- Provide other settings such as Evidence Repository, CPU Limit, Compression & Encryption to use or let AIR configure them automatically based on the matching policy
- Click the "Save" button.
Step 2: Create Triggers for InsightIDR
- From your dashboard, select Data Collection on the left-hand menu.
- When the Data Collection page appears, click the Setup Event Source dropdown and choose Add Event Source.
- From the “Security Data” section, click the Data Exporter icon. The “Add Event Source” panel appears.
- Choose your collector and event source. You can also name your event source if you want.
- Provide the URL that you previously configured.
Last modified 2mo ago