Rapid7 Insight VM

the rapid7 insight vm connector facilitates seamless integration with swimlane turbine, enabling automated vulnerability management and security processes rapid7 insightvm is a powerful vulnerability management tool that provides comprehensive visibility into the security posture of your assets this connector enables swimlane turbine users to automate asset discovery, vulnerability assessment, and reporting tasks within their security workflows by integrating with rapid7 insightvm, users can streamline vulnerability management processes, enhance asset visibility, and expedite remediation efforts, all from within the swimlane platform the connector's actions facilitate real time security analytics and proactive risk management, empowering users to maintain a robust security posture prerequisites to effectively utilize the rapid7 insight vm connector with swimlane turbine, ensure you have the following prerequisites http basic authentication with the following parameters url the base endpoint for the rapid7 insight vm api username your insight vm account username password your insight vm account password capabilities the rapid7 insightvm connector has the following capabilities get scan details create tag get tag get tags create report for report generation report download report generation get affected assets get all assets get all vulnerabilities get asset vulnerabilities get solution get vulnerability get vulnerability solutions create report for report generation notes filters the following filter elements may be defined for non templatized report formats format categories severity statuses arf xm csv export ✓ ✓ ✓ cyberscope xml database export nexpose simple xml ✓ ✓ oval xml qualys xml ✓ ✓ scap xml ✓ ✓ sql query ✓ ✓ ✓ xccdf csv xccdf xml ✓ ✓ xml export ✓ ✓ ✓ xml export v2 ✓ ✓ ✓ the following filter elements may be defined for templatized report formats template categories severity statuses audit report ✓ ✓ baseline comparison basic vulnerability check results ✓ ✓ ✓ executive overview highest risk vulns pci attestation v12 pci executive summary v12 pci vuln details v12 policy details ✓ ✓ ✓ policy eval policy summary ✓ ✓ ✓ prioritized remediations ✓ ✓ ✓ prioritized remediations with details ✓ ✓ ✓ r7 discovered assets ✓ ✓ ✓ r7 vulnerability exceptions ✓ ✓ ✓ remediation plan ✓ ✓ report card ✓ ✓ risk scorecard ✓ ✓ ✓ rule breakdown summary ✓ ✓ ✓ top policy remediations ✓ ✓ ✓ top policy remediations with details ✓ ✓ ✓ top riskiest assets ✓ ✓ ✓ top vulnerable assets ✓ ✓ ✓ vulnerability trends ✓ ✓ ✓ scope the following scope elements may be defined for non templatized report formats format assets sites asset groups tags scans arf xml ✓ ✓ ✓ ✓ ✓ csv export ✓ ✓ ✓ ✓ ✓ cyberscope xml ✓ ✓ ✓ ✓ ✓ database export ✓ nexpose simple xml ✓ ✓ ✓ ✓ ✓ oval xml ✓ ✓ ✓ ✓ qualys xml ✓ ✓ ✓ ✓ ✓ scap xml ✓ ✓ ✓ ✓ ✓ xccdf csv ✓ xccdf xml ✓ ✓ ✓ ✓ ✓ xml export ✓ ✓ ✓ ✓ ✓ xml export v2 ✓ ✓ ✓ ✓ ✓ the following scope elements may be defined for templatized report formats template assets sites asset groups tags scans audit report ✓ ✓ ✓ ✓ ✓ baseline comparison ✓ ✓ ✓ ✓ basic vulnerability check results ✓ ✓ ✓ ✓ ✓ executive overview ✓ ✓ ✓ ✓ highest risk vulns ✓ ✓ ✓ ✓ pci attestation v12 ✓ ✓ ✓ ✓ ✓ pci executive summary v12 ✓ ✓ ✓ ✓ ✓ pci vuln details v12 ✓ ✓ ✓ ✓ ✓ policy details ✓ ✓ ✓ ✓ policy eval ✓ ✓ ✓ ✓ policy summary ✓ ✓ ✓ ✓ ✓ prioritized remediations ✓ ✓ ✓ ✓ ✓ prioritized remediations with details ✓ ✓ ✓ ✓ ✓ r7 discovered assets ✓ ✓ ✓ ✓ ✓ r7 vulnerability exceptions ✓ ✓ ✓ ✓ ✓ remediation plan ✓ ✓ ✓ ✓ ✓ report card ✓ ✓ ✓ ✓ ✓ risk scorecard ✓ ✓ ✓ ✓ rule breakdown summary ✓ ✓ ✓ ✓ top policy remediations ✓ ✓ ✓ ✓ top policy remediations with details ✓ ✓ ✓ ✓ top riskiest assets ✓ ✓ ✓ ✓ ✓ top vulnerable assets ✓ ✓ ✓ ✓ ✓ vulnerability trends ✓ ✓ ✓ ✓ if a report supports specifying a scan as the scope and a scan is specified, no other scope elements can be defined in all other cases, many different types of supported scope elements can be specified in any combination all reports except the sql query format require at least one element to be specified as the scope template assets sites asset groups tags scan ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓ create tag action notes create tag receives two optional inputs that requires a specific format filters this input receives a string/text than can be converted to json a reference from rapid7 with all the posibilities can be found https //help rapid7 com/insightvm/en us/api/#section/responses/searchcriteria e g \[{"field" "","lower" "","operator" "","upper" "","value" "","values" \["string"]}] notes you can find information on search criteria https //help rapid7 com/insightvm/en us/api/index html#section/overview/responses configurations http basic authentication authenticates using username and password configuration parameters parameter description type required url a url to the target host string required username username string required password password string required verify ssl verify ssl certificate boolean optional http proxy a proxy to route requests through string optional actions assets search conducts a comprehensive search for assets in rapid7 insightvm, enabling quick retrieval of specific asset information endpoint url api/3/assets/search method post input argument name type required description match string optional parameter for assets search filters array optional parameter for assets search filters field string optional parameter for assets search filters operator string optional parameter for assets search filters value string optional value for the parameter input example {"json body" {"match" "all","filters" \[{"field" "host name","operator" "is","value" "win uag2lhc1t75 swimlane us"}]}} output parameter type description status code number http status code of the response reason string response reason phrase resources array output field resources resources addresses array output field resources addresses resources addresses ip string output field resources addresses ip resources addresses mac string output field resources addresses mac resources assessedforpolicies boolean output field resources assessedforpolicies resources assessedforvulnerabilities boolean output field resources assessedforvulnerabilities resources history array output field resources history resources history date string date value resources history scanid number unique identifier resources history type string type of the resource resources history version number output field resources history version resources hostname string name of the resource resources hostnames array name of the resource resources hostnames name string name of the resource resources hostnames source string name of the resource resources id number unique identifier resources ip string output field resources ip resources links array output field resources links resources links href string output field resources links href resources links rel string output field resources links rel resources mac string output field resources mac resources os string output field resources os resources oscertainty string output field resources oscertainty output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "fri, 06 jan 2023 19 19 17 gmt","server" "security console"},"reason" "ok","json body" {"resources" \[{}],"page" {"number" 0,"size" 10,"totalres create report for report generation generates a customizable report within rapid7 insight vm to facilitate subsequent reporting processes endpoint url api/3/reports method post input argument name type required description bureau string optional parameter for create report for report generation component string optional parameter for create report for report generation database object optional response data database credentials object optional response data database credentials username string optional response data database host string optional response data database name string optional response data database port number optional response data database vendor string optional response data email object optional parameter for create report for report generation email access string optional parameter for create report for report generation email additional string optional parameter for create report for report generation email additionalrecipients array optional parameter for create report for report generation email assetaccess boolean optional parameter for create report for report generation email owner string optional parameter for create report for report generation email smtp object optional parameter for create report for report generation email smtp global boolean optional parameter for create report for report generation email smtp relay string optional parameter for create report for report generation email smtp sender string optional parameter for create report for report generation enclave string optional parameter for create report for report generation filters object optional parameter for create report for report generation filters categories object optional parameter for create report for report generation filters categories excluded array optional parameter for create report for report generation filters categories included array optional parameter for create report for report generation filters categories links array optional parameter for create report for report generation input example {"json body" {"bureau" "bureau","component" "component","database" {"credentials" {"username" "admin"},"host" "database acme com","name" "database","port" 3306,"vendor" "mysql"},"email" {"access" "zip","additional" "file","additionalrecipients" \["string"],"assetaccess"\ true,"owner" "file","smtp" {"global"\ true,"relay" "mail acme com","sender" "john smith\@acme com"}},"enclave" "enclave","filters" {"categories" {"excluded" \["string"],"included" \["string"],"links" \[{"href" "https //hostname 3780/api/3/ ","rel" "self"}]},"severity" "","statuses" \["vulnerable"]},"format" "pdf","frequency" {"repeat" {"dayofweek" "","every" "date of month","interval" 1,"lastdayofmonth"\ true,"weekofmonth" ""},"start" "2018 03 01t04 31 56z"},"language" "en us","name" "monthly corporate site summary","organization" "acme, inc ","owner" 1,"policy" 789,"query" "select from dim asset order by ip address asc","scope" {"assetgroups" \[0],"assets" \[0],"scan" 68,"sites" \[0],"tags" \[0]},"storage" {"location" "monthly reports/site/corporate"},"template" "executive overview","timezone" "america/los angeles","users" "7","version" "2 3 0"}} output parameter type description status code number http status code of the response reason string response reason phrase status number status value message string response message links array output field links links href string output field links href links rel string output field links rel output example {"status" 123,"message" "string","links" \[{"href" "string","rel" "string"}]} create tag creates a new asset tag in rapid7 insight vm for effective organization and categorization of assets endpoint url api/3/tags method post input argument name type required description name string optional name of the resource type string optional type of the resource input example {"json body" {"name" "my tag","type" "criticality"}} output parameter type description status code number http status code of the response reason string response reason phrase status number status value message string response message links array output field links links href string output field links href links rel string output field links rel output example {"status code" 500,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "tue, 09 may 2023 17 19 56 gmt","connection" "close","server" "security console"},"reason" "internal server error","json body" {"status" 500,"m get affected assets retrieve a list of assets affected by a specified vulnerability using its unique identifier in rapid7 insight vm endpoint url api/3/vulnerabilities/{{id}}/assets method get input argument name type required description path parameters id string required parameters for the get affected assets action input example {"path parameters" {"id" "ssh default account admin password password"}} output parameter type description status code number http status code of the response reason string response reason phrase links array output field links links href string output field links href links rel string output field links rel output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 16 40 56 gmt","server" "security console"},"reason" "ok","json body" {"links" \[{}]}} get all assets fetches a comprehensive list of all assets within the rapid7 insight vm environment, providing an overview of networked devices endpoint url api/3/assets method get input argument name type required description parameters page number optional the index of the page (zero based) to retrieve parameters size number optional the number of records per page to retrieve parameters sort string optional the criteria to sort the records by, in the format property\[,asc desc] input example {"parameters" {"page" 0,"size" 10}} output parameter type description status code number http status code of the response reason string response reason phrase resources array output field resources resources addresses array output field resources addresses resources addresses ip string output field resources addresses ip resources addresses mac string output field resources addresses mac resources assessedforpolicies boolean output field resources assessedforpolicies resources assessedforvulnerabilities boolean output field resources assessedforvulnerabilities resources history array output field resources history resources history date string date value resources history scanid number unique identifier resources history type string type of the resource resources history version number output field resources history version resources hostname string name of the resource resources hostnames array name of the resource resources hostnames name string name of the resource resources hostnames source string name of the resource resources id number unique identifier resources ip string output field resources ip resources links array output field resources links resources links href string output field resources links href resources links rel string output field resources links rel resources mac string output field resources mac resources rawriskscore number score value resources riskscore number score value output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "fri, 06 jan 2023 18 19 53 gmt","server" "security console"},"reason" "ok","json body" {"resources" \[{"addresses" \[{"ip" "10 32 0 162","mac" "0 get asset retrieves detailed information for a specified asset using its unique asset id in rapid7 insight vm endpoint url /api/3/assets/{{asset id}} method get input argument name type required description path parameters asset id number required parameters for the get asset action input example {"path parameters" {"asset id" 37}} output parameter type description status code number http status code of the response reason string response reason phrase addresses array output field addresses addresses ip string output field addresses ip addresses mac string output field addresses mac assessedforpolicies boolean output field assessedforpolicies assessedforvulnerabilities boolean output field assessedforvulnerabilities configurations array output field configurations configurations name string name of the resource configurations value string value for the parameter history array output field history history date string date value history scanid number unique identifier history type string type of the resource history version number output field history version hostname string name of the resource hostnames array name of the resource hostnames name string name of the resource hostnames source string name of the resource id number unique identifier ids array unique identifier ids id string unique identifier ids source string unique identifier ip string output field ip links array output field links output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "tue, 23 may 2023 18 41 25 gmt","server" "security console"},"reason" "ok","json body" {"addresses" \[{}],"assessedforpolicies"\ true,"assessedfo get asset vulnerability retrieve all vulnerabilities for a specified asset in rapid7 insight vm, including exceptions, by providing an asset id endpoint url api/3/assets/{{asset id}}/vulnerabilities method get input argument name type required description path parameters asset id number required parameters for the get asset vulnerability action parameters page number optional parameters for the get asset vulnerability action parameters size number optional parameters for the get asset vulnerability action input example {"parameters" {"page" 64,"size" 10},"path parameters" {"asset id" 37}} output parameter type description status code number http status code of the response reason string response reason phrase resources array output field resources resources id string unique identifier resources instances number output field resources instances resources links array output field resources links resources links href string output field resources links href resources links rel string output field resources links rel resources links id string unique identifier resources results array result of the operation resources results port number result of the operation resources results proof string result of the operation resources results protocol string result of the operation resources results since string result of the operation resources results status string status value resources since string output field resources since resources status string status value page object output field page page number number output field page number page size number output field page size page totalresources number output field page totalresources page totalpages number output field page totalpages links array output field links links href string output field links href links rel string output field links rel output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 21 00 46 gmt","server" "security console"},"reason" "ok","json body" {"resources" \[{}],"page" {"number" 0,"size" 10,"totalres get scan retrieves detailed information for a specific scan in rapid7 insight vm using the provided scan id endpoint url api/3/scans/{{id}} method get input argument name type required description path parameters id number required parameters for the get scan action input example {"path parameters" {"id" 2}} output parameter type description status code number http status code of the response reason string response reason phrase assets number output field assets engineid number unique identifier engineids array unique identifier enginename string name of the resource id number unique identifier links array output field links links href string output field links href links rel string output field links rel links id number unique identifier scanname string name of the resource scantype string type of the resource starttime string time value startedbyusername string name of the resource status string status value vulnerabilities object output field vulnerabilities vulnerabilities critical number output field vulnerabilities critical vulnerabilities moderate number output field vulnerabilities moderate vulnerabilities severe number output field vulnerabilities severe vulnerabilities total number output field vulnerabilities total output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 16 38 18 gmt","server" "security console"},"reason" "ok","json body" {"assets" 0,"engineid" 3,"engineids" \[3],"enginename" "l get solution retrieve detailed information for a specific solution in rapid7 insight vm using the solution id endpoint url api/3/solutions/{{id}} method get input argument name type required description path parameters id string required parameters for the get solution action input example {"path parameters" {"id" "1"}} output parameter type description status code number http status code of the response reason string response reason phrase status number status value message string response message links array output field links links href string output field links href links rel string output field links rel output example {"status" 123,"message" "string","links" \[{"href" "string","rel" "string"}]} get tag retrieves detailed information for a specified tag in rapid7 insight vm using the tag's unique identifier endpoint url api/3/tags/{{id}} method get input argument name type required description path parameters id string required parameters for the get tag action input example {"path parameters" {"id" "1"}} output parameter type description status code number http status code of the response reason string response reason phrase color string output field color created string output field created id number unique identifier links array output field links links href string output field links href links rel string output field links rel name string name of the resource riskmodifier string output field riskmodifier source string output field source type string type of the resource output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "fri, 06 jan 2023 20 16 31 gmt","server" "security console"},"reason" "ok","json body" {"color" "default","created" "2020 03 25t19 47 10 179z", get tags retrieves a list of configured tags from rapid7 insight vm without requiring an id endpoint url api/3/tags method get input argument name type required description parameters name string optional parameters for the get tags action parameters type string optional parameters for the get tags action parameters sort string optional parameters for the get tags action input example {"parameters" {"name" "","type" "criticality","sort" "asc"}} output parameter type description status code number http status code of the response reason string response reason phrase resources array output field resources resources color string output field resources color resources created string output field resources created resources id number unique identifier resources links array output field resources links resources links href string output field resources links href resources links rel string output field resources links rel resources name string name of the resource resources riskmodifier string output field resources riskmodifier resources source string output field resources source resources type string type of the resource page object output field page page number number output field page number page size number output field page size page totalresources number output field page totalresources page totalpages number output field page totalpages links array output field links links href string output field links href links rel string output field links rel output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "fri, 06 jan 2023 20 11 11 gmt","server" "security console"},"reason" "ok","json body" {"resources" \[{"color" "default","created" "2020 03 25t1 get vulnerabilities retrieve a comprehensive list of vulnerabilities from rapid7 insight vm for analysis and action endpoint url api/3/vulnerabilities method get input argument name type required description parameters sort string optional parameters for the get vulnerabilities action input example {"parameters" {"sort" "asc"}} output parameter type description status code number http status code of the response reason string response reason phrase resources array output field resources resources added string output field resources added resources categories array output field resources categories resources cvss object output field resources cvss resources cvss links array output field resources cvss links resources cvss links href string output field resources cvss links href resources cvss links rel string output field resources cvss links rel resources cvss v2 object output field resources cvss v2 resources cvss v2 accesscomplexity string output field resources cvss v2 accesscomplexity resources cvss v2 accessvector string output field resources cvss v2 accessvector resources cvss v2 authentication string output field resources cvss v2 authentication resources cvss v2 availabilityimpact string output field resources cvss v2 availabilityimpact resources cvss v2 confidentialityimpact string unique identifier resources cvss v2 exploitscore number score value resources cvss v2 impactscore number score value resources cvss v2 integrityimpact string output field resources cvss v2 integrityimpact resources cvss v2 score number score value resources cvss v2 vector string output field resources cvss v2 vector resources denialofservice boolean output field resources denialofservice resources description object output field resources description resources description html string output field resources description html resources description text string output field resources description text resources exploits number output field resources exploits output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 14 20 00 gmt","server" "security console"},"reason" "ok","json body" {"resources" \[{"added" "2013 01 15","categories" \["defau get vulnerabilities solutions retrieve potential solutions for remediation of a specified vulnerability in rapid7 insight vm, identified by its unique id endpoint url api/3/vulnerabilities/{{id}}/solutions method get input argument name type required description path parameters id string required parameters for the get vulnerabilities solutions action input example {"path parameters" {"id" "inconclusive host"}} output parameter type description status code number http status code of the response reason string response reason phrase links array output field links links href string output field links href links rel string output field links rel resources array output field resources output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 21 20 40 gmt","server" "security console"},"reason" "ok","json body" {"links" \[{},{}],"resources" \["contact admin"]}} get vulnerability retrieve detailed vulnerability findings for a specific asset in rapid7 insight vm using the provided 'id' endpoint url api/3/vulnerabilities/{{id}} method get input argument name type required description path parameters id string required parameters for the get vulnerability action input example {"path parameters" {"id" "ssh default account admin password password"}} output parameter type description status code number http status code of the response reason string response reason phrase added string output field added categories array output field categories cvss object output field cvss cvss links array output field cvss links cvss links href string output field cvss links href cvss links rel string output field cvss links rel cvss v2 object output field cvss v2 cvss v2 accesscomplexity string output field cvss v2 accesscomplexity cvss v2 accessvector string output field cvss v2 accessvector cvss v2 authentication string output field cvss v2 authentication cvss v2 availabilityimpact string output field cvss v2 availabilityimpact cvss v2 confidentialityimpact string unique identifier cvss v2 exploitscore number score value cvss v2 impactscore number score value cvss v2 integrityimpact string output field cvss v2 integrityimpact cvss v2 score number score value cvss v2 vector string output field cvss v2 vector denialofservice boolean output field denialofservice description object output field description description html string output field description html description text string output field description text exploits number output field exploits id string unique identifier output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 15 07 55 gmt","server" "security console"},"reason" "ok","json body" {"added" "2009 05 12","categories" \["default account","s report download downloads a specified report from rapid7 insight vm using the provided report id and instance id endpoint url api/3/reports/{{report id}}/history/{{instance id}}/output method get input argument name type required description path parameters report id string required parameters for the report download action path parameters instance id string required the identifier of the report instance accepts integer as string and value latest input example {"path parameters" {"report id" 7,"instance id" 37}} output parameter type description status code number http status code of the response reason string response reason phrase file object output field file file file string output field file file file file name string name of the resource output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","set cookie" "nexposeccsessionid=acf13c7db78999431b71567100b920767eafddd8; path=/; secure; htt ","cache control" "no store, must revalidate","content type" "text/html;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 20 08 40 gmt","connection" "close report generation generates a configured report in rapid7 insight vm using the specified 'id' and returns the instance identifier endpoint url api/3/reports/{{id}}/generate method post input argument name type required description path parameters id number required parameters for the report generation action input example {"path parameters" {"id" 7}} output parameter type description status code number http status code of the response reason string response reason phrase links array output field links links href string output field links href links rel string output field links rel id number unique identifier output example {"status code" 200,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 20 28 34 gmt","server" "security console"},"reason" "ok","json body" {"links" \[{},{}],"id" 9}} start scan initiates a scan in rapid7 insight vm using specified engine, hosts, and template id, with 'id' as the required path parameter endpoint url api/3/sites/{{id}}/scans method post input argument name type required description path parameters id number required parameters for the start scan action engineid number optional unique identifier hosts array optional parameter for start scan name string optional name of the resource templateid string optional unique identifier input example {"json body" {"engineid" 1,"hosts" \["1 1 1 1"],"name" "scan test 1000","templateid" "full audit without web spider"},"path parameters" {"id" 1}} output parameter type description status code number http status code of the response reason string response reason phrase links array output field links links href string output field links href links rel string output field links rel id number unique identifier output example {"status code" 201,"response headers" {"x frame options" "sameorigin","x ua compatible" "ie=edge,chrome=1","x content type options" "nosniff","x xss protection" "1; mode=block","cache control" "no store, must revalidate","location" "https //10 32 0 199 3780/api/3/scans/3","content type" "application/json;charset=utf 8","transfer encoding" "chunked","content encoding" "gzip","vary" "accept encoding","date" "mon, 09 jan 2023 19 10 31 gmt","server" "security console"},"reason" "created","json body" response headers header description example cache control directives for caching mechanisms no store, must revalidate connection http response header connection close content encoding http response header content encoding gzip content type the media type of the resource application/json;charset=utf 8 date the date and time at which the message was originated mon, 09 jan 2023 16 40 56 gmt location the url to redirect a page to https //10 32 0 199 3780/api/3/scans/3 server information about the software used by the origin server security console set cookie http response header set cookie nexposeccsessionid=acf13c7db78999431b71567100b920767eafddd8; path=/; secure; httponly transfer encoding http response header transfer encoding chunked vary http response header vary accept encoding x content type options http response header x content type options nosniff x frame options http response header x frame options sameorigin x ua compatible http response header x ua compatible ie=edge,chrome=1 x xss protection http response header x xss protection 1; mode=block