InsightCloudSec Docs

Welcome to the InsightCloudSec Docs!

InsightCloudSec by Rapid7 (formerly DivvyCloud) is a Cloud-Native Security Platform that provides real-time analysis and automated remediation for continuous security and compliance for your multi-cloud environment.

For questions reach out to us through [email protected].

Take Me to the Docs!    Release Notes

Bots - FAQ & Quick Reference

How do I create a Bot?

Bots can be created in one of three ways:

What permissions do I need to create a Bot?

In order to create Bots, basic users will require "Editor" or "Admin" rights under Permissions Entitlements.

  • If you only have "View" permissions, your Bot inherits your permissions and will not be able to take any lifecycle actions (e.g., start, stop, edit, etc.) on resources.
  • If you have "Modify" permissions, some additional actions are available.
  • In order to "Delete", specific delete permissions are required.

Check out the full User Entitlements Matrix.

How do I copy an existing Bot?

  • Locate the Bot you are interested in copying, open the Bot by clicking on the name from the Bot Listing page, and in the details, copy the “Bot Configuration” JSON code.

  • In BotFactory open the “templates” capability and paste the JSON you just copied from the previous Bot Configuration to make a copy of the previous Bot.

How do I remove a Bot?

You can select “Archive” from the Actions menu next to the name of an individual Bot. You can also select multiple Bots from the Bot Listing page and select the trash icon to archive multiple Bots at once.

What does archiving do?

Archiving permanently disables a Bot. The Bot’s history and metadata are retained, but scheduled events and noncompliance data are purged.

How do I see a Bot's recent actions?

From the Bot listing page, click on the name of the Bot you want to review and select the “Audit” tab. This displays a log, in the form of an API trail, of actions your selected Bot has taken. Audit shows successful and failed actions and who initiated the action.

What happens to a Bot (or Bots) if the cloud account is removed from InsightCloudSec?

These Bots are not automatically deleted (there is no way for InsightCloudSec to automatically check for changes like this).

  • These Bots will remain active and operate on their defined schedules but return 0 resource results.
  • Customers will need to pause or delete these Bots manually.

What happens to a Bot if the linked Insight is edited?

For example if an additional filter is added...

  • The Bot configuration will automatically update to include the new filter.
  • The Bot will continue to run.

What happens to a Bot if the linked Insight is deleted?

When the Insight is deleted, a message will appear showing any linked Bots.
Associated Bots will be put into a paused state.

Updated about a month ago

Bots - FAQ & Quick Reference

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.