InsightVM Reports

vanessa_villalpando · March 25, 2022, 5:12pm

Anyone know an easy way to remove reports that have never ran in InsightVM? In bulk maybe?

steve_passino · March 28, 2022, 12:35pm

Hi Vanessa,

One way this could be accomplished would be through a script using apiV3. In words, the script would need to do the following:

Determine the list of report id’s that need to be deleted.
The full list of report id’s is provided with the api/3/reports endpoint.
The report history is provided at the api/3/reports/{report id}/history endpoint. If the report has never
run, the resources array from this endpoint will be empty.
Once you have the list if report id’s to delete - then, just read through that list and send a delete to api/3/reports/{report id}

You can interact with the api with many different scripting languages and documentation is available from within your console user interface from the main page using the help drop down in the upper right.

vanessa_villalpando · March 28, 2022, 2:57pm

Thank you steve, is there a video on InsightVM API? I see your steps but I always though API required a software, I see the api documentation where it says :

Specification

An OpenAPI v2 specification (also known as Swagger 2) of this API is available. Tools such as swagger-codegen can be used to generate an API client in the language of your choosing using this specification document.

Download the specification: Download

steve_passino · March 28, 2022, 4:00pm

I am not aware of a video but the following blog post contains more detail : Your Guide to InsightVM’s RESTful API | Rapid7 Blog

Essentially, apiV3 is a full restful api, and is not tied to any one scripting language, so you can communicate with apiV3 with powershell, ruby, python - whatever is most appropriate within your environment.

steve_passino · March 28, 2022, 4:53pm

I am not a developer - but my understanding about the links you referenced (swagger-codegen) is that is something that could be used to build api code to interact with the apiV3 of insightVM. It’s not required to use it in order to interact with the api - it’s just an additional tool available, probably more for building an internal application for multiple teams to use that interacts with apiV3.

As an example, you could have a bash script like the following :

url=https://192.168.0.146:3780/api/3/reports
#Functions
get_login()
{
   echo -n "enter user id : "
   read user
   echo -n "enter password : "
   read -s pass
   str=`echo -n ${user}:${pass}|base64`
}
get_info ()
{
   curl -k -X GET \
     ${url} \
     -u ${user}:${pass} \
     -H 'Cache-Control: no-cache' \
     -H 'Postman-Token: 79be7a21-f156-2ec3-ef47-e5f072ccdd71'
}
#Main
get_login
get_info

Or a ruby script that does the same thing :

#!/usr/bin/env ruby
require 'httparty'
require 'json'
require 'highline/import'

# Defaults: Change to suit your environment.
default_name = 'steve'
default_con = '192.168.0.146'
#
nxconsole = ask('Enter your console IP:  ') { |q| q.default = default_con }
user = ask('Enter your username:  ') { |q| q.default = default_name }
pass = ask('Enter your password:  ') { |q| q.echo = '*' }
#


              auth = {:username => user, :password => pass}
              url = "https://#{nxconsole}:3780/api/3/reports"
              response = HTTParty.get(url,:basic_auth => auth,:verify => false,:timeout => 900)
              parsed = JSON.parse(response.read_body)
              pp parsed

They both do the same thing - but the apiV3 is not tied to any particular scripting language.