Hi All,
Is it possible to export all detection rules from InsightIDR?
I’m not looking for all info out of them but being able to export name / LEQL query would be handy for some reporting.
I think the LEQL is not possible:
You should be able to do it via the API for the basic rule from what I can see here: SIEM | © Rapid7
If you raise a support ticket, we should be able to provide an export.
David
Nice, this is super helpful. Do you know if there are any plans to do similar with the MITRE ATTACK mapping page? This would be great.
This is something we would like to deliver at some stage, but it is not on the near to medium term roadmap.