Problem registering distributed scan engine

Hi all,
I am trying the InsightVM in our environment. The console installed without any issues and its local scan engine is working.

I tried installing a distributed scan engine in another network. Used the same installer and selected ‘scan engine only’. During the setup I provided the ID and shared secret. Did the ‘test connection’ and it succeeded. I installed it with the engine to console option.

After waiting a little the machine containing my scan engine showed up under Rapid7 Insight agents but it never shows up as scan engine. Obviously I am not able to add a site to it.

I ran the post installation engine to console afterwards which tells me it is connected but did not make any difference.

Any advice would be appreciated :slight_smile:

I now see that the scan engine does show up in https://insight.rapid7.com/, but it still does not show in my local security console. The insight portal tells me to run ‘pair to platform …’. When I run that in the command console it tells me it is not a valid command.

Hi,

The steps listed in these guides are really what you need for the Scan Engine deployment:
https://docs.rapid7.com/insightvm/configuring-distributed-scan-engines
https://docs.rapid7.com/insightvm/post-installation-engine-to-console-pairing

I suggest you start testing this Distributed Scan engine deployment of yours by selecting to use Engine-to-Console communication method. For me that’s the fastest setup I can work with.

Going back to your entry, it seems like you’ve done it well if the testing during the Engine installation succeeded. What communication direction did you select, though?

After your engine installation, make sure the service is running as expected → systemctl status nexposeengine.service

Note: Make sure the communication requirement is in place.

Then wait for a couple of minutes (2 mins perhaps) and it should appear in your IVM Security Console under Administration > Engines > Manage > Scan Engines. The scan engine name needs some modification the first time it reports to the console though. You can edit that name however you want. See below:
(screenshot)

Hope that helps a little.


Did you do this part? I always forget this:
https://docs.rapid7.com/nexpose/configuring-distributed-scan-engines/#modify-consoles.xml

The consoles.xml file generated on your Scan Engine host in the previous step contains an entry for the Security Console that added the Scan Engine. You must enable the console to complete the pairing.

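A small diagnostic for the consoles.xml step above, added here as an example and not part of Rapid7's tooling: it reads the file and reports the two conditions this thread runs into (a console entry that is not enabled, and an empty certificate element). The default path, the element names and the `enabled` attribute values are assumptions about the file's layout; the sample document is constructed.

```python
# Added example (not Rapid7 code): check consoles.xml on a distributed Scan Engine host.
# Assumptions: <consoles><console id=".." enabled=".."><certificate>..</certificate></console></consoles>
import sys
import xml.etree.ElementTree as ET

ASSUMED_PATH = "/opt/rapid7/nexpose/nse/conf/consoles.xml"  # assumed default location on Linux


def check_consoles(xml_text):
    """Return one dict per <console> entry with its pairing-relevant state."""
    root = ET.fromstring(xml_text)
    findings = []
    for console in root.iter("console"):
        # Treat "1"/"true" as enabled; anything else (or a missing attribute) as disabled.
        enabled = (console.get("enabled") or "0").strip().lower() in ("1", "true")
        cert = console.findtext("certificate") or ""  # "" when element empty or absent
        findings.append({
            "id": console.get("id", "?"),
            "name": console.get("name", ""),
            "enabled": enabled,
            "has_certificate": bool(cert.strip()),
        })
    return findings


def problems(findings):
    """Turn findings into human-readable problems; empty list means pairing looks complete."""
    out = []
    for f in findings:
        if not f["enabled"]:
            out.append(f'console {f["id"]}: enabled is false; set enabled="1" and restart the nexposeengine service')
        if not f["has_certificate"]:
            out.append(f'console {f["id"]}: certificate element is empty; the console never completed pairing '
                       f'(confirm the engine can reach the console, e.g. on port 40815)')
    return out


# Constructed sample mirroring the thread: entry present, not yet enabled, certificate empty.
SAMPLE = """<consoles>
  <console id="1" enabled="0" name="ivm-console" port="40815">
    <certificate></certificate>
  </console>
</consoles>"""

if __name__ == "__main__":
    path = sys.argv[1] if len(sys.argv) > 1 else None
    text = open(path).read() if path else SAMPLE
    for line in problems(check_consoles(text)) or ["no pairing problems found"]:
        print(line)
```

Run it with the real file as the first argument (`python3 check_consoles.py /path/to/consoles.xml`) after the engine has been added from the console.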

Hi Pete and Nowel,
Thanks for the replies. I did check the consoles.xml and the certificate in it was empty. I installed the scan engine again, same issue.

I think the issue was that I did not yet configure a hostname and port forward for insightvm to access the scan console on my network. Even though the distributed scan engine was able to access the console on port 40815.

After making sure InsightVM can connect to the local scan console webinterface I reinstalled the scan engine again and now it shows up in my console :slight_smile: .

Thanks!


@etiggers awesome!