Rapid7 Nexpose Warehouse

  • Updated on Feb 13, 2025
  • Published on Mar 8, 2022
  • 3 minute(s) read
Prev Next

Rapid7 Nexpose Warehouse fetches device information directly from an external data warehouse.

Types of Assets Fetched

This adapter fetches the following types of assets:

  • Devices

Parameters

  1. PostgreSQL Server (required) - The hostname of the Rapid7 Nexpose PostgreSQL server.
  2. Port (required, default: 5432) - The port used for the connection.
  3. Database (required) - The name of the database.
  4. User Name and Password (required) - The credentials for a user account that has the permissions to fetch assets.
  5. Do not fetch devices with no MAC address and no hostname - Select whether to exclude fetching devices without MAC address and without hostname.
    • If enabled, Axonius will only fetch devices having MAC address or hostname.
    • If disabled, Axonius will fetch devices even if those do not have MAC address and no hostname.
  6. Enable SSL (optional) - Toggle on to enable SSL connection. You can upload custom certificates including Root Certificate File, Client Certificate File, or Client Private Key File.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

connection parameters


Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Use psycopg2 (optional) - Select whether to use Psycopq 2.
  2. Vulnerabilities severity value include list (optional) - Enter one or more comma-separated vulnerability severity values to include in the fetch.
  3. Parse Rapid7 tags as fields (optional) - Select to parse Rapid7 tags as fields.
  4. Keep large raw fields (optional) - Select to include large raw fields in the fetch.
  5. Exclude devices without IP, hostname and MAC address - Select this option to exclude devices with no MAC address, no hostname and no IP address from the fetch. If the devices have none of these fields it is not fetched.
  6. Exclude devices without last seen and hostname - Select this option to exclude devices in which Last Seen and hostname information is unavailable.
  7. Assets to fetch - By default Axonius fetches data about all asset types. Clear asset types that you don't want to fetch. Devices are always fetched and if no values are selected all assets are fetched.
  8. Fetch Solution Fix - Toggle on to fetch the solution fix for the vulnerabilities fetched.
  9. Fetch Remediation Date when available - Toggle on to fetch the Remediation Date information for each vulnerability belonging to an asset when the date is available.
    • When Fetch Remediation Date when available is selected, the Remediated vulnerabilities comparison date option appears. You can choose a date to limit how many days back the query for Vulnerability Remediation checks.
    • When Fetch Remediation Date when available is selected, the Remediated vulnerabilities comparison days option appears. You can set the number of days in the past to check for remediated dates on vulnerabilities.
  10. Enable complex query fetch - Toggle on this option to enable the adapter to utilize complex queries to fetch data from the database. This reduces overall memory consumption of the adapter.
  11. Only fetch Vulnerabilities seen on devices in the last X number of day(s) - Enter a number of days. This setting enables the system to fetch only vulnerabilities that were seen on devices by Rapid7 Nexpose Warehouse in the number of days set. This allows the system to pull a recent history of the devices' vulnerabilities rather than the entire system history every fetch. This option is only enabled when Enable complex query fetch is enabled.
  12. Parse vulnerabilities only from successful fetch - Select this to only parse vulnerability assets if their fetch is successful. If the fetch partially or completely fails, only vulnerabilities from the last successful fetch are parsed.
  13. Insert both CVE and Plugin as vulnerable software - Select this option to parse each CVE ID and plugin ID in the vulnerability as vulnerable software.
Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Troubleshooting

Make sure you perform monthly maintenance and tuning on your On-Premise Rapid7 Postgresql database as explained by Rapid7. This ensures optimzed Axonius fetch performance.


Related articles