- Overview
- Configuration
Rapid7
Integrate ADManager Plus with Rapid7 InsightIDR for Enhanced Active Directory Security and Incident Management
SEIM Identity provisioning
Rapid7 InsightIDR is a comprehensive security information and event management (SIEM) solution designed to provide organizations with real-time visibility into their IT environments.Integrate ADManager Plus with Rapid7 InsightIDR to facilitate log forwarding for the analysis and detection of anomalies, threats, vulnerabilities, and other security issues within your Active Directory environment.
Incident management
Log, track, and resolve incidents and reduce downtime quickly and efficiently with a centralized console that offers real-time reporting and monitoring.
Configuration steps
- Log in to your InsightIDR account.
- On the left pane, click the Data Collection tab.
- Navigate to the Event Sources tab and click Add Event Source.
- Select Custom Logs under Raw Data and enter a suitable name for the event source.
- Click the Listen On Network Port option to configure the port number and protocol. Select TCP as the protocol and specify a unique port number and click Save.
In ADManager Plus,
- Navigate to the Admin tab.
- Under System Settings, click Integrations.
- Click Rapid7 located under Log Forwarding.
- Enter the server name and port number configured in Rapid7 InsightIDR in the respective fields and select TCP as the protocol.
- Once done, click Save.