I have an api user. The user has been given access to a report. The api call to view the report works. When I make the api call to generate the report, I get back a 404 "The resource does not exist or access is prohibited." https://help.rapid7.com/insightvm/en-us/api/index.html#operation/generateReport What needs to be done to allow the user access to generate the report?
Posted by Barry Coleman 4 months ago
When I am scanning the error showed is: Failed (java.io.IOException: The Nmap exit value is not zero: -1073741819 at com.rapid7.nexpose.scan.nmap.Nmap.start(Unknown Source) at com.rapid7.nexpose.scan.nmap.Nmap.run(Unknown Source) at com.rapid7.nexpose.scan.Scan.start(Unknown Source) at com.rapid7.nexpose.scan.Scan.run(Unknown Source) at java.lang.Thread.run(Thread.java:748) )
Posted by akarsh 4 months ago
Maybe there is a really simple way to do this and I have just missed it, but is there a way to edit the legend and not have it just be the query used for the graphing? Functionally it can be a bit difficult for other users to determine which visualizations represent what.
Posted by Andre McLean 4 months ago
Hello, The "SQL Query Export" template isn't there when I go to create a report logged in as a global administrator. How do I enable it? We're running version 6.5.66 Enterprise Edition. Here's our license details: --------------------------------------- LICENSE DETAILS View information about your current license, such as how many Scan Engines you can use and how many assets you can see. License status Activated Expiration xxxxxxx Max. scan engines 2 Licensed assets 256 Max. assets w/hosted engine 0 SCADA scanning - Discovery scanning - PCI reporting Enabled Web application scanning Enabled Policy scanning Enabled Policy Manager - Perpetual License Enabled FDCC scanning - USGCB scanning - CIS scanning - DISA scanning - Custom policy scanning - Policy Editor - Customizable CSV Export - Advanced reporting - Multi-tenancy - Scan Engine Pool - Adaptive Security - Dynamic Discovery - Virtual Scanning - Mobile -
Posted by hlwilliams 4 months ago
Hi Rapid7 team I am Khoa. Current, I install metasploit for a bank in windows server 2012 . I installed and ran but when I update new version of metasploit, it errored service “metasploit Pro Service”. Current. This service not start and not writed log error to file therefore I did’t searched error. I don’t fix this error and i installed old version. How to fix this error when I update new version ?
Posted by Khoa Duy 4 months ago
where( /4624/ OR /4625/ OR /4678/ OR /4769/ OR /4776/ OR /4672/ AND destination_account != "idr_admin") I am trying to eliminate the idr_admin account from the results, but when I run it, I still have that account listed in the returned results. What am I missing?
Posted by Kerry LeBlanc 4 months ago
Hello, I am trying to send test emails from Metasploit Pro Social Engineering campaign. I'm using SendGrid. What are the settings for SendGrid? smtp.sendgrid.net? For host and domain (both smtp.sendgrid.net)? When I try that I get a "connection timeout error." I'm using my SendGrid username and password from their website. Like my normal login. So what should I enter for SendGird connected to Metasploit Pro? Please reply. Thanks
Posted by Mike Held 4 months ago
For CIS version 1.0.0 the check looks like 1. Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS' This variable is used in Rule "(L1) Ensure 'Audit Logoff' is set to 'Success'" -> "Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS' is AUDIT_SUCCESS Example: But for CIS version 1.1.0 the checks looks like 1. Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS_FAILURE' This variable is used in Rule "(L1) Ensure 'Audit Logoff' is set to 'Success'" -> "Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS_FAILURE' is AUDIT_SUCCESS Example: 2. Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS' This variable is used in Rule "(L1) Ensure 'Audit Logoff' is set to 'Success'" -> "Ensure 'logoff' is 'Equals' to 'AUDIT_SUCCESS' is Example: The QUESTION here is why if you setup 'Audit Logoff' to 'Success' for CIS version 1.0.0 the policy report shows the rule as passed but for CIS version 1.1.0 the rule failed? Why there are 2 checks in the CIS version 1.1.0 policy? How can you ensure that the result is passed for CIS version 1.1.0? Thank you in advance
Posted by Adrian Borlea 4 months ago
I cannot believe i have to ask this of an enterprise platform, but I see no way to report on progress of a remediation effort. Take BlueKeep for example: vulnerable assets are Server 2008r2 and below and Windows 7 and below. I know how many assets I have that fit this criteria (for example 100) and I know how many of them are still vulnerable (for example 10). I see no way to report on the percentage of assets that have been remediated (90%) so i can report it up to management. Projects are worthless because it only reports on assets that are currently vulnerable and not assets in my environment that have the potential to be vulnerable and have already been remediated. am i wrong?
Posted by MARC HIEMER 4 months ago
Hi Fairly new to InsightIDR so apologies if I'm missing something. I have set up an ActiveSync & OWA Event Source according the tutorial in the help section, and it is running OK, but I want to check it is actually working. I can't see anything in the Raw Logs. It has been running now for around 2 hours. I have OWA disabled by default so was wondering if an alert would be triggered if I attempted to connect to it multiple times ?? Or does it not work like that ? Activesync is turned on so I would expect to see something here. There are logs in the folder that I have specified and the folder is shared out with the same credentials as was set in the Event Source. I also have a similar issue with a event source on my Kaspersky security centre. Thats been running OK for 2 weeks but no logs ? I feel I am missing something ?? Thanks Matthew
Posted by Matthew Hinchliffe 4 months ago
Hi, After getting a meterpreter session I type IRB, but instead of getting: "The 'client' variable hold the Meterpreter client", I get: "you are in the "client" (session) object. Thus, I can't interact with the user! Would love to get any help from you guys.. thanks! :)
Posted by Uri Binah 4 months ago