InsightConnect Documentation

Plugins

Learn more about plugins

Plugins are integrations built by the InsightConnect team. They include built-in parameters for configuration. View a list of your existing plugins on the "Plugins" page in the "Settings" section, and import as many as your security stack requires.

Plugins can include triggers, actions, and connection types. These are pre-built and only require that you configure connections or variables.

How to Use Plugins

Refer to this page to learn more about adding plugins to your workflows.

Most Popular Plugins

Out of our 240+ plugins, some are more commonly used. Read more about these here.

Full List of Plugins

InsightConnect supports 242 plugins and counting:

  • AWS Athena
  • AWS CloudTrail
  • AWS CloudWatch
  • AWS EC2
  • AWS IAM
  • AWS Inspector
  • AWS S3
  • AWS SQS
  • AbuseIPDB
  • Active Directory LDAP
  • Amazon Web Services
  • Awk
  • Azure Compute
  • BHR
  • Barracuda Web Application Firewall
  • Base64
  • Basename
  • Bitbucket
  • Blockade
  • Bluecoat Labs
  • Box
  • CEF
  • CRITs
  • CSV
  • Cacador
  • Carbon Black Defense
  • Carbon Black Live Response
  • Carbon Black Protection
  • Cb Response
  • Chaosreader
  • Checkpoint Sand Blast
  • Cisco Firepower
  • Cisco ISE
  • Cisco Umbrella Enforcement
  • Cisco Umbrella Investigate
  • Cloud Shark
  • CloudLock
  • Collective Intelligence Framework
  • Compression
  • Confluence
  • Cortex
  • Craigslist
  • Cuckoo Sandbox
  • Cymon
  • Cymru #totalhash
  • Datetime
  • Diff
  • Dig
  • Digital Ocean
  • Dirname
  • Docker Engine
  • DomainTools
  • Dumbno
  • Duo Admin API
  • Duo Auth API
  • Dynamo DB
  • EC2 Investigations
  • EML
  • ElastAlert
  • Elasticsearch
  • ExtractIt
  • FTP
  • Facebook Threat Exchange
  • Finger
  • Foremost
  • FreeGeoIP
  • FreeIPA
  • FullContact
  • GeoIP2 Precision
  • Get URL
  • GitHub
  • GitHub Enterprise
  • GitLab
  • Gmail API
  • Google Apps Admin
  • Google Cloud Compute
  • Google Cloud Pub Sub
  • Google Directory
  • Google Drive
  • Google Rapid Response
  • Google Safe Browsing
  • Google Search
  • Grafana
  • Graphite
  • Grep
  • HTML
  • HashIt
  • HaveIBeenPwned
  • HipChat
  • Hybrid Analysis
  • IBM BigFix
  • ICSI Certificate Notary
  • IDNA
  • IMAP
  • IPInfo
  • IPIntel
  • IPStack
  • IPify
  • Ifconfig.co
  • Imperva SecureSphere
  • InfluxDB
  • JIRA
  • JQ
  • JSON
  • JSON Edit
  • Jenkins
  • Kafka
  • Kolide
  • Komand
  • LastPass Enterprise
  • Logstash
  • MAC Address Vendor Lookup
  • MISP
  • MalwareConfig
  • Malwr
  • Markdown
  • Math
  • McAfee ESM
  • McAfee ePO
  • Meraki
  • Microsoft Exchange
  • Microsoft SCCM
  • MxToolBox DNS
  • MyIP
  • NFS
  • Netmiko
  • Network Total
  • New Relic
  • Nexpose Enterprise
  • Nmap
  • NumVerify
  • OSSEC
  • OTRS
  • Office 365
  • Office365 Admin
  • Okta
  • OpenVAS
  • PDF Generator
  • PDF Reader
  • PagerDuty
  • Palo Alto PAN-OS
  • Palo Alto Wildfire
  • PassiveTotal
  • Pastebin
  • Phabricator
  • PhishMe Intelligence
  • PhishTank
  • Ping
  • Port Knocking
  • PowerShell
  • Presto
  • Proofpoint URL Defense
  • Python 2 Script
  • Python 3 Script
  • QRadar Security Intelligence Platform
  • Qualys Policy Compliance (PC) Scans
  • Qualys Reports
  • Qualys SSL Labs
  • Qualys Security Content Automation Protocol (SCAP) Scans
  • Qualys Vulnerability Management Scans
  • REST
  • RPM
  • RSS
  • Rapid7 InsightOps
  • Rapid7 InsightVM
  • Rapid7 Metasploit
  • Rapid7 Vulnerability & Exploit Database
  • Recorded Future
  • Red Canary
  • Redhat Security Advisories
  • Redis
  • Request Tracker
  • Resilient Incident
  • SHAttered
  • SMTP Mailer
  • SQL
  • SQLmap
  • SSH
  • Screenshot Machine
  • Sed
  • Sentry
  • ServiceNow
  • Shodan
  • Sketchify
  • Slack
  • Sleep
  • Snort Labs IP Reputation
  • Sophos Central
  • Sophos XG Firewall
  • Splunk
  • Statsd
  • Subnet
  • Sumo Logic
  • Symantec Business Critical Services
  • Syslog Forwarder
  • Syslog Listener
  • TSV
  • Tcpdump
  • Tcpxtract
  • Team Cymru ASN
  • Team Cymru Bogon
  • Team Cymru MHR
  • Tenable Nessus
  • TenableIO
  • TheHive
  • Threat Connect
  • Threat Crowd
  • Threat Miner
  • Threat Quotient
  • Threat Stack
  • Timers
  • Tr
  • Traceroute
  • Trello
  • TruffleHog
  • Try Bro
  • Tshark
  • Twilio
  • Twitter
  • Type Converter
  • Typo Squatter
  • URL Expander
  • URL Extractor
  • UUID
  • Uniq
  • Unshorten.me
  • VMRay Sandbox
  • Viper
  • VirusTotal
  • VirusTotal Yara
  • VxStream Sandbox
  • Wazuh OSSEC
  • Whois
  • WordPress
  • ZenHub
  • Zendesk
  • ZeuS Tracker
  • minFraud
  • p0f
  • urlQuery
  • urlscan.io

Plugins


Learn more about plugins

Suggested Edits are limited on API Reference Pages

You can only suggest edits to Markdown body content, but not to the API spec.