- What is Discovered and Monitored
- Event Types
- Settings for Access Credentials
Rapid7 Nexpose API
Scan name, Scanned Host Name, Host OS, Vulnerability category, Vulnerability name, Vulnerability severity, Vulerability CVE Id and Bugtraq Id, Vulnerability CVSS Score, Vulnerability Consequence
In ADMIN > Device Support > Event Types, search for "rapid7" to see the event types associated with this device.
There are no predefined rules for this device.
There are no predefined reports for this device.
- Log into the device manger for your vulnerability scanner with administrative credentials.
- Go to Administration > General > User Configuration, and create a user that FortiSIEM can use to access the device.
- Go to Reports > General > Report Configuration.
- Create a report with the Report Format set to Simple XML Report Version 1.0 or NeXpose XML Report Version 2.0.
FortiSIEM can pull reports only in these formats.
Settings for Rapid7 Nexpose API Access Credentials
Set these Access Method Definition values to allow FortiSIEM to communicate with your device.
|Device Type||Rapid7 NeXpose Security Scanner|
|Access Protocol||Rapid7 NeXpose API|
|Pull Interval (minutes)||60|
|User Name||A user who can access the device over the API|
|Password||The password associated with the user|