Queries for the Rapid7InsightVMCloudAssets table

For information on using these queries in the Azure portal, see Log Analytics tutorial. For the REST API, see Query.

Rapid7 InsightVM Cloud Assets

Summarizes Rapid7 assets by projecting each raw field from the source into a typed column.

source
| project
    TimeGenerated                  = now(),
    AssessedForPolicies            = tobool(assessed_for_policies),
    AssessedForVulnerabilities     = tobool(assessed_for_vulnerabilities),
    CredentialAssessments          = tostring(credential_assessments),
    CriticalVulnerabilities        = todouble(critical_vulnerabilities),
    Exploits                       = todouble(exploits),
    HostName                       = tostring(host_name),
    Id                             = tostring(id),
    Ip                             = tostring(ip),
    LastAssessedForVulnerabilities = todatetime(last_assessed_for_vulnerabilities),
    LastScanEnd                    = todatetime(last_scan_end),
    LastScanStart                  = todatetime(last_scan_start),
    Mac                            = tostring(mac),
    MalwareKits                    = todouble(malware_kits),
    ModerateVulnerabilities        = todouble(moderate_vulnerabilities),
    New                            = tostring(new),
    OsArchitecture                 = tostring(os_architecture),
    OsDescription                  = tostring(os_description),
    OsFamily                       = tostring(os_family),
    OsName                         = tostring(os_name),
    OsSystemName                   = tostring(os_system_name),
    OsType                         = tostring(os_type),
    OsVendor                       = tostring(os_vendor),
    OsVersion                      = tostring(os_version),
    Remediated                     = tostring(remediated),
    RiskScore                      = todouble(risk_score),
    Same                           = tostring(same),
    SevereVulnerabilities          = todouble(severe_vulnerabilities),
    Tags                           = tostring(tags),
    TotalVulnerabilities           = todouble(total_vulnerabilities),
    UniqueIdentifiers              = tostring(unique_identifiers),
    AssetType                      = tostring(type)
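
The following query is an added example, not part of the original page or of the Rapid7 connector. It assumes the table is populated with the column names produced by the projection above, and it lists the latest record per asset that has critical vulnerabilities, exploits, or malware kits, flagging assets whose last assessment is stale. The 7-day lookback and 30-day staleness thresholds are assumed values.

```kusto
// Added example: lookback and staleAfter are assumed thresholds, adjust as needed.
let lookback = 7d;
let staleAfter = 30d;
Rapid7InsightVMCloudAssets
| where TimeGenerated > ago(lookback)
// TimeGenerated is set to now() by the projection, so an asset gets a new row
// on every sync; keep only the most recent row per asset Id.
| summarize arg_max(TimeGenerated, *) by Id
| where AssessedForVulnerabilities == true
| where CriticalVulnerabilities > 0 or Exploits > 0 or MalwareKits > 0
// Flag assets whose counts may no longer reflect their current state.
| extend DaysSinceAssessment = datetime_diff('day', now(), LastAssessedForVulnerabilities)
| extend Stale = isnull(LastAssessedForVulnerabilities)
    or LastAssessedForVulnerabilities < ago(staleAfter)
| project HostName, Ip, OsName, OsVersion, RiskScore,
    CriticalVulnerabilities, SevereVulnerabilities, Exploits, MalwareKits,
    LastAssessedForVulnerabilities, DaysSinceAssessment, Stale
| order by Stale desc, RiskScore desc
| take 50
```

Without the `arg_max` step, every sync within the lookback window contributes a row for the same asset, which inflates any count or ranking built on the table.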