Interpres Application - InsightIDR
- Type: SIEM/Data Lake
- Vendor: Rapid7
The Rapid7 InsightIDR app returns telemetry, detections, and alerts.
Vendor setup
- Generate a User API Key for a user with InsightIDR Viewer Role.
App Configuration
App Parameters:
- Region: The code that corresponds to the data storage region assigned to your organization. You can see it as part of the URL you use to access the platform: https://{REGION}.idr.insight.rapid7.com. Examples: us, us2, ca, eu ...
- API Key: The User API Key generated in the vendor setup step.
- Proxy: Proxy Settings. Example: 'https://proxy.example.com:8443'
App Validation
Check that the integration you created shows connectivity (green light).
Implemented Actions
- Get Available Telemetry: Returns a list of telemetry identifiers with their current status.
- Get Detections: Returns a list of detections (InsightIDR Rules).
- Get Alerts: Gets the latest alerts by querying the Incidents and extracting the alerts that generated them.