You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardexpand all lines: plugins/rapid7_insight_agent/bin/icon_rapid7_insight_agent
+1-1
Original file line number
Diff line number
Diff line change
@@ -6,7 +6,7 @@ from sys import argv
6
6
7
7
Name="Rapid7 Insight Agent"
8
8
Vendor="rapid7"
9
-
Version="3.0.2"
9
+
Version="3.0.3"
10
10
Description="Using the Insight Agent plugin from InsightConnect, you can quarantine, unquarantine and monitor potentially malicious IPs, addresses, hostnames, and devices across your organization"
Copy file name to clipboardexpand all lines: plugins/rapid7_insight_agent/help.md
+1
Original file line number
Diff line number
Diff line change
@@ -461,6 +461,7 @@ Example output:
461
461
462
462
# Version History
463
463
464
+
* 3.0.3 - Updated SDK to the latest version (6.2.5)
464
465
* 3.0.2 - Updated to use latest buildpack to address vulnerabilities | Update `Get Agent Details`: extended output to include `agent` field when no assets are found
465
466
* 3.0.1 - Update 'Get Agent Details' to allow no assets to be returned | SDK bump to latest version
466
467
* 3.0.0 - Update `Get Agent Details` and `Get All Agents by IP` to return the next page token if more pages are available to search | Update `Get Agent Details` to return agent location details | Initial updates for fedramp compliance | Updated SDK to the latest version
Copy file name to clipboardexpand all lines: plugins/rapid7_insight_agent/plugin.spec.yaml
+103-68
Original file line number
Diff line number
Diff line change
@@ -3,77 +3,98 @@ extension: plugin
3
3
products: [insightconnect]
4
4
name: rapid7_insight_agent
5
5
title: Rapid7 Insight Agent
6
-
description: Using the Insight Agent plugin from InsightConnect, you can quarantine, unquarantine and monitor potentially malicious IPs, addresses, hostnames, and devices across your organization
7
-
version: 3.0.2
6
+
description: Using the Insight Agent plugin from InsightConnect, you can quarantine,
7
+
unquarantine and monitor potentially malicious IPs, addresses, hostnames, and devices
- "The agent is used by [Rapid7 InsightIDR](https://www.rapid7.com/products/insightidr/) and [InsightVM](https://www.rapid7.com/products/insightvm/) customers to monitor endpoints."
22
+
- The agent is used by [Rapid7 InsightIDR](https://www.rapid7.com/products/insightidr/)
23
+
and [InsightVM](https://www.rapid7.com/products/insightvm/) customers to monitor
24
+
endpoints.
21
25
requirements:
22
-
- "[Platform API Key](https://docs.rapid7.com/insight/managing-platform-api-keys/)"
23
-
- "Administrator access to InsightIDR"
26
+
- '[Platform API Key](https://docs.rapid7.com/insight/managing-platform-api-keys/)'
27
+
- Administrator access to InsightIDR
24
28
troubleshooting:
25
-
- "If the actions `Get Agent Details` and `Get All Agents by IP` return a `next cursor` value, it is an indication that more pages of data are available to be reviewed. In this instance, it is recommended to run the action multiple times and pass the `next cursor` value, recording all agents found."
29
+
- If the actions `Get Agent Details` and `Get All Agents by IP` return a `next cursor`
30
+
value, it is an indication that more pages of data are available to be reviewed.
31
+
In this instance, it is recommended to run the action multiple times and pass the
- "[Manage Platform API Keys](https://docs.rapid7.com/insight/managing-platform-api-keys/)"
36
+
- '[Manage Platform API Keys](https://docs.rapid7.com/insight/managing-platform-api-keys/)'
30
37
version_history:
31
-
- "3.0.2 - Updated to use latest buildpack to address vulnerabilities | Update `Get Agent Details`: extended output to include `agent` field when no assets are found"
32
-
- "3.0.1 - Update 'Get Agent Details' to allow no assets to be returned | SDK bump to latest version"
33
-
- "3.0.0 - Update `Get Agent Details` and `Get All Agents by IP` to return the next page token if more pages are available to search | Update `Get Agent Details` to return agent location details | Initial updates for fedramp compliance | Updated SDK to the latest version"
34
-
- "2.1.2 - Improve logging | Update SDK"
35
-
- "2.1.1 - `Get All Agents by IP Address`: Fixed issue where action failed when agent did not have a primary address, and extended output to include agent location details | `Get Agent Details`: Extended output to include agent's public IP address and location"
36
-
- "2.1.0 - Updated SDK to the latest version | New action added `Get All Agents by IP Address`"
37
-
- "2.0.1 - Update `Connection Test` to identify if `Region` is incorrect | Update Plugin runtime to version 5"
38
-
- "2.0.0 - Update action `Quarantine Multiple` outputs to Completed and Failed, removed All Operations Successful, replaced output Agent IDs with Hostname"
39
-
- "1.2.0 - New action: `Quarantine Multiple`"
40
-
- "1.1.1 - Quarantine: Fix incorrect behavior for unquarantine when the agent ID is wrong"
41
-
- "1.1.0 - Cloud enabled"
42
-
- "1.0.4 - Add new supported regions for API | Create unit tests for actions Check Agent Status, Quarantine, Get Agent Details"
43
-
- "1.0.3 - Documentation update"
44
-
- "1.0.2 - Fix for a case-sensitive agent hostname"
45
-
- "1.0.1 - Documentation update"
46
-
- "1.0.0 - Initial plugin"
38
+
- 3.0.3 - Updated SDK to the latest version (6.2.5)
39
+
- '3.0.2 - Updated to use latest buildpack to address vulnerabilities | Update `Get
40
+
Agent Details`: extended output to include `agent` field when no assets are found'
41
+
- 3.0.1 - Update 'Get Agent Details' to allow no assets to be returned | SDK bump
42
+
to latest version
43
+
- 3.0.0 - Update `Get Agent Details` and `Get All Agents by IP` to return the next
44
+
page token if more pages are available to search | Update `Get Agent Details` to
description: Agent hostnames to quarantine or unquarantine
262
-
type: "[]string"
283
+
type: '[]string'
263
284
required: true
264
-
example: ["abcdef123", "abcdef123"]
285
+
example: [abcdef123, abcdef123]
265
286
interval:
266
287
title: Interval
267
-
description: Length of time in seconds to try to take action on a device. This is also called Advertisement Period
288
+
description: Length of time in seconds to try to take action on a device.
289
+
This is also called Advertisement Period
268
290
type: int
269
291
default: 604800
270
292
example: 604800
@@ -280,28 +302,32 @@ actions:
280
302
failed:
281
303
title: Failed
282
304
description: List of unsuccessfully quarantined hosts
283
-
type: "[]quarantine_multiple_error"
284
-
example: [{"hostname": "abcdef123", "error": "Hostname could not be found"}]
305
+
type: '[]quarantine_multiple_error'
306
+
example: [{hostname: abcdef123, error: Hostname could not be found}]
285
307
required: false
286
308
completed:
287
309
title: Completed
288
310
description: List of successfully quarantined hosts
289
-
type: "[]string"
290
-
example: ["abcdef123"]
311
+
type: '[]string'
312
+
example: [abcdef123]
291
313
required: false
292
314
get_agent_details:
293
315
title: Get Agent Details
294
-
description: Find and display detailed information about a device. If additional pages of agents are available, the action should be run again with the returned next cursor
316
+
description: Find and display detailed information about a device. If additional
317
+
pages of agents are available, the action should be run again with the returned
318
+
next cursor
295
319
input:
296
320
agent:
297
321
title: Agent
298
-
description: IP address, MAC address, or hostname of the device to get information from
322
+
description: IP address, MAC address, or hostname of the device to get information
323
+
from
299
324
type: string
300
325
required: true
301
326
example: Example-Hostname
302
327
next_cursor:
303
328
title: Next Cursor
304
-
description: The next page cursor to continue an existing query and search additional pages of agents
329
+
description: The next page cursor to continue an existing query and search
330
+
additional pages of agents
305
331
type: string
306
332
required: false
307
333
example: 9de5069c5afe602b2ea0a04b66beb2c0
@@ -314,36 +340,43 @@ actions:
314
340
required: false
315
341
next_cursor:
316
342
title: Next Cursor
317
-
description: The next page cursor, if available, to continue the query and search additional pages of agents
343
+
description: The next page cursor, if available, to continue the query and
344
+
search additional pages of agents
318
345
type: string
319
346
required: false
320
347
example: 9de5069c5afe602b2ea0a04b66beb2c0
321
348
get_all_agents_by_ip:
322
349
title: Get All Agents by IP Address
323
-
description: This action is used to find all agents that share the same public or private IP address and display details about them. If additional pages of agents are available, the action should be run again with the returned next cursor
350
+
description: This action is used to find all agents that share the same public
351
+
or private IP address and display details about them. If additional pages of
352
+
agents are available, the action should be run again with the returned next
353
+
cursor
324
354
input:
325
355
ip_address:
326
356
title: IP Address
327
-
description: The public or private IP address for all the agents to be searched for
357
+
description: The public or private IP address for all the agents to be searched
358
+
for
328
359
type: string
329
360
required: true
330
361
example: 192.168.0.1
331
362
next_cursor:
332
363
title: Next Cursor
333
-
description: The next page cursor to continue an existing query and search additional pages of agents
364
+
description: The next page cursor to continue an existing query and search
Copy file name to clipboardexpand all lines: plugins/rapid7_insight_agent/setup.py
+1-1
Original file line number
Diff line number
Diff line change
@@ -3,7 +3,7 @@
3
3
4
4
5
5
setup(name="rapid7_insight_agent-rapid7-plugin",
6
-
version="3.0.2",
6
+
version="3.0.3",
7
7
description="Using the Insight Agent plugin from InsightConnect, you can quarantine, unquarantine and monitor potentially malicious IPs, addresses, hostnames, and devices across your organization",
0 commit comments