I am new to Rapid7 Agents, and currently I have deployed R7 Agents on 3000 workstations, and we have more than 2 million vulnerabilities. But whenever I prepare a report, it maxes out my MS Excel, as Excel only supports 1048576 rows.
Is there an easy way to prepare a report from Rapid7 with agents? I tried to prepare the four asset dynamic groups, but it did not work out as IP is Dynamic.
My plan was to create three Tags based on a list of 1000 workstations each and then use them to export the report. Is this the right approach? The only concern I have is whether these Tags are static in nature or dynamic?
Tomorrow, if the remediation team fixes vulnerabilities on the workstation, So the snapshot will be updated under tags and ultimately reflect the correct vulnerability count on my report?
What report are you trying to run would be the first question. I assume given the count that youre running something like the basic vulberability checks in which case i would not suggest to try and export the entire database like that.
Realistically i would say a better thing to do is figure out why you need to export that info? For example, who is that report going to? Do they actually need all of the info or just the aggregated counts, etc.
@john_hartman We use a custom template that gives us six columns: IP,hostname, CVSS score, vulnerability title , proof, and solution.
Remediation managers want to see complete information in one single report for workstations. Then he disseminated that report based on CVSSV3 to the critical,high medium, and low to SCCM teams to resolve these vulnerabilities.
So we have to provide the complete report for workstation. Let me know if I missed your question.
So with that in mind then I would suggest keeping with your original idea of creating Tags to break up the amount of systems per report. Tags can absolutely be dynamic in nature if you give them dynamic criteria. Click Create > Dynamic Asset Group which will take you to the filtered asset search page. From there, create your filters and hit search and verify that the assets returned are what you expect. Now just click “ADD TAGS” and designate your tags. Using this method gives the tag dynamic criteria on whatever your search criteria was.
Given that you are trying to export ALL vulnerabilities per every asset in that group I assume there’s going to be some tweaking to get the counts right but there’s several different ways to create those groups either by subnet, OS type, geographic region, etc
