Rapid7 InsightIDR

Efficiently integrate Rapid7 InsightIDR API for incident management with Squadcast - Streamline incident response and enhance collaboration.

Rapid7 InsightIDR is your security center for incident detection and response, authentication monitoring, and endpoint visibility. InsightIDR identifies unauthorized access from external and internal threats and highlights suspicious activity so you don’t have to weed through thousands of data streams.

Route detailed monitoring alerts from Rapid7 InsightIDR to the right users in Squadcast.

How to integrate Rapid7 InsightIDR with Squadcast

In Squadcast: Using Rapid7 InsightIDR as an Alert Source

  1. Navigate to Services -> Service Overview -> select or search for your Service. Expand the accordion -> In the Alert Sources section, click Add.

  2. Select Rapid7 InsightIDR. Copy the displayed Webhook URL to configure it within Rapid7 InsightIDR. Finish by clicking Add Alert Source -> Done.

Important:

When an alert source turns Active, it’ll show up under Configured Alert Sources. You can either generate a test alert from the integration or wait for a real-time alert to be generated by the Alert Source. An Alert Source is active if there is a recorded incident via that Alert Source for the Service.

In Rapid7 InsightIDR: Create a Squadcast Webhook

  1. From your InsightIDR dashboard, select Data Collection on the left-hand menu

  2. When the Data Collection page appears, click the Setup Event Source drop-down and choose Add Event Source

  3. From the Security Data section, click the Data Exporter icon

The Add Event Source panel appears

  • Choose your Collector and select Universal Webhook for Data Exporter. Give the Event Source a meaningful name

  • Paste the previously copied Squadcast Webhook URL into the URL field

  • If a secret is not already provided, enter one in the Secret field

  • Squadcast does not require any Additional Headers

  • Enable the checkbox option Alerts under Data Export Types

  • Click Save

That is it, you are good to go! Now, whenever there is an alert in Rapid7 InsightIDR, a corresponding incident will be triggered in Squadcast.

FAQ

Q: If an alert gets resolved in Rapid7 InsightIDR, does it send auto-resolve signals to Squadcast?

A: No, Rapid7 InsightIDR does not send auto-resolve signals for resolved alerts to Squadcast. Hence, Squadcast incidents from Rapid7 InsightIDR should be resolved manually.
