Rapid7

• Prerequisites
• Setup Instructions
  • Step 1: Configure Rapid7 Collector
  • Step 2: Configure Destination in Datable
• Configuration Options
• Troubleshooting
  • Events Not Appearing
  • Connection Issues
• Support

Send security events and logs to Rapid7 InsightIDR for threat detection and incident response.

Prerequisites

• Rapid7 InsightIDR account
• Collector token or API key

Setup Instructions

Step 1: Configure Rapid7 Collector

1. In InsightIDR, set up a Custom Log collector
2. Generate or retrieve the collector token
3. Note the data endpoint

Step 2: Configure Destination in Datable

1. Navigate to Destinations in Datable
2. Select Rapid7
3. Provide configuration:
   • Destination Name: A descriptive name
   • Collector Token: Your Rapid7 token
   • Region: Rapid7 region endpoint
   • Log Set: Target log set name
4. Click Save

Configuration Options

• Event Format: JSON or CEF format
• Timestamp Format: Configure time field
• Custom Fields: Map additional fields
• Compression: Enable compression

Troubleshooting

Events Not Appearing

• Verify collector token is valid
• Check region endpoint is correct
• Review log set configuration

Connection Issues

• Confirm network connectivity
• Check firewall rules
• Verify TLS configuration

Support

For additional support with the Rapid7 integration, please contact the Datable support team.