Rapid7 Nexpose Tag Report Setup Guide

Summary: How to set up a tag report in Rapid7 Nexpose.

Rapid7 Nexpose Overview

Rapid7 Nexpose provides vulnerability management software to discover and prioritize vulnerabilities found in your environment. RiskSense supports the Nexpose CSV-formatted tag export report. This report allows the user to import their defined tags from Nexpose to RiskSense.

Rapid7 Nexpose CSV-Formatted Tag Export Report Setup

Log into the Nexpose web application.

Nexpose Tag Report - Login Screen

Navigate to the Reports dashboard and click the blue New button.

Nexpose Tag Report - New Button Location

Enter a report title (e.g., CSV Tag Report-RiskSense) and select the SQL Query Export template from the Export tab.

Nexpose Tag Report - SQL Query Export

Click the Query box. Copy the query from this document’s appendix and paste it into the Define a SQL Query dialog that appears.

Nexpose Tag Report - SQL Query Export Configuration

After pasting the CSV tag query from the appendix, click the Validate button to confirm the query is valid and then click Done.

Nexpose Tag Report - Define a SQL Query

The following screen appears after validating the query and clicking the Done button.

Nexpose Tag Report - SQL Query Export Configuration - Post Validation

Next, schedule the CSV tag export’s run frequency.

Nexpose Tag Report - Schedule Run Frequency

Once the cadence has been established, click either Save & Run the Report or Save the Report.

Nexpose Tag Report - Save and Run the Report

Appendix: Query

WITH custom_tags AS
  (SELECT asset_id, CSV(tag_name ORDER BY tag_name) AS custom_tags
   FROM dim_tag
   JOIN dim_tag_asset USING (tag_id)
   WHERE tag_type = 'CUSTOM'
   GROUP BY asset_id),
location_tags AS
  (SELECT asset_id, CSV(tag_name ORDER BY tag_name) AS location_tags
   FROM dim_tag
   JOIN dim_tag_asset USING (tag_id)
   WHERE tag_type = 'LOCATION'
   GROUP BY asset_id),
owner_tags AS
  (SELECT asset_id, CSV(tag_name ORDER BY tag_name) AS owner_tags
   FROM dim_tag
   JOIN dim_tag_asset USING (tag_id)
   WHERE tag_type = 'OWNER'
   GROUP BY asset_id),
criticality_tags AS
  (SELECT asset_id, CSV(tag_name ORDER BY tag_name) AS criticality_tags
   FROM dim_tag
   JOIN dim_tag_asset USING (tag_id)
   WHERE tag_type = 'CRITICALITY'
   GROUP BY asset_id)
SELECT asset_id,
       ct.custom_tags,
       lt.location_tags,
       ot.owner_tags,
       crt.criticality_tags
FROM dim_asset
LEFT OUTER JOIN custom_tags ct USING (asset_id)
LEFT OUTER JOIN location_tags lt USING (asset_id)
LEFT OUTER JOIN owner_tags ot USING (asset_id)
LEFT OUTER JOIN criticality_tags crt USING (asset_id)