I am trying to setup a side by side comparison with our current logging solution. I am unable to update log4net to the latest version (2.0.8) without breaking our current solution. This page https://docs.logentries.com/docs/log4net has slightly different instructions form this page https://insightops.help.rapid7.com/docs/log4net If I use the R7Insight.Log4net then logging to Insight Ops works but breaks our current solution, using logentries.log4net does not work for Insight Ops but our current solution does work. The R7Insights package requires log4net 2.0.8. Is there a way to use the logentries.log4net package to send logs to Insight Ops?
Posted by Nathanael Ness 4 days ago
Hi, When I create a custom campaign on metasploit pro, Adding a USB Key with the default name clickme.exe, when I launch the campaign and double click on clickme.exe, nothing happens and findings doesn't show if I ran that file like how a phishing campaign works. What am I missing here?
Posted by Mike Nia 4 days ago
Hi everyone, I tried several times to use NeXpose but I am stuck at the WebUI which is loading indefinitely. I just have the dashboard and I can't click anywhere. It's "loading sites/scans/groups" but I have nothing since it's the first time I use NeXpose. I have followed the installation guide and selected both scan engine and security console to be installed. I cannot find any errors in the logs. The only weird things is that: - sudo systemctl start nexposeconsole is OK - sudo systemctl start nexposeconsole is KO sudo systemctl start nexposeengine Failed to start nexposeengine.service: Unit nexposeengine.service not found. That is the only clue I have... Someone has faced a similar issue? Best regards, C-137
Posted by gabriel corre 7 days ago
Hi, I am in the process of migrating our current scanning solution to InsightVM. In our present system, we use attributes such as - KNOWNAS\SERVERA - This field is in case the server name is not captured Device Function - Function of the server. I planned to use custom tags for this, is there anyway bulk update servers with individual tags? Thanks
Posted by Bruce Taylor 7 days ago
Our Exchange admin has a concern regarding high CPU utilization for WinPrvSE.exe *32. I couldn't find anything in the documentation that the Nexpose scanning engines would affect this but, I need to confirm to rule it out as there are several possible causes for high CPU load for this. Im 99% sure its not caused by our scanning, just want anyone else's opinion
Posted by kevin Lowrie 9 days ago
We are scanning K8s nodes using the agent to detect container usage. It turns out that the churn of hosts in the QA environment is causing my licensed endpoint count to inflate. At any one time, I have about 200 nodes, however I have thousands in my agent counts. Can I do something on the host during tear down to tell Rapid7 that agent is going away?
Posted by ekelson 10 days ago
I'm doing my first scan and I'm getting an error in the log that says: 2019-07-11T20:54:15 [WARN] [Thread: Scan 4] [Site: Test Site 1] XML protocol fingerprint is not schema compliant: javax.xml.stream.XMLStreamException: org.xml.sax.SAXParseException; lineNumber: 12; columnNumber: 42; cvc-complex-type.4: Attribute 'value' must appear on element 'Param'. It dies after that. I'm only scanning a single host. This is on Windows 10, on a workstation connected to the same LAN as the host in question. In the console, the final error is: Failed (java.io.IOException: The Nmap exit value is not zero: -1073741819 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:748) )
Posted by Tim Dressel 11 days ago
Hi, For some reason i dont get the right reports when i scan machines for CIS policy compliance. For example the Windows Server 2016 Level one member server. The scan is a succes, but when i generate a report, it does not show the right output. It shows compliance rules for RHEL 6 and 7, while they are defently not selected? Any suggestions would be nice. Thanks!
Posted by ymen 11 days ago
I'm trying to create a Powershell script to login to and logout of a Nexpose connection using the Restful API V3 but I'm struggling with the credentials (always get 401 which eventually locks me out of the console). The script will have to run automatically so interactive login is no good. Does anyone have a working Powershell script so that I can see how to get it working?
Posted by Peter McGranaghan 12 days ago
Has anyone successfully implemented dynamic discovery either through LDAP or DHCP? LDAP appears to be limited in scope since it required a connection for each OU and DHCP does not seem to be working under "directory watch" or "syslog".
Posted by marcos marcal 12 days ago
Hi, I am faced with this conundrum where Vormetric (LSOF utility) is blocking Rapid7 agents installed on our mysql servers. This tends to generate a lot of noise and has forced us to disable the agents on the servers. However, we need to have these agents running to scan for vulnerabilities. Is there a way to configure the agents to ignore accessing specific directories/filesystems? Has anyone come across is this issue and how was it resolved? Eagerly anticipating help. Cheers, Michael
Posted by Michael Damanka 14 days ago