Slackbot to automate ad-hoc scanning and reporting in InsightVM.

InsightVM Slack Bot



Slackbot to automate ad-hoc scanning and reporting in InsightVM. In Slack, simply send a message like @insightvm_bot scan and see the bot schedule the scan, run it, and report back the results. You can also set up a direct chat with the bot if you don't want to spam your channel; use the same syntax to schedule a scan. The scan targets must match how they are entered in the site config (IPs or hostnames).

Getting Started

Create A Bot In Slack

This guide sums bot creation up pretty simply.


# Scan Single IP/Hostname (as defined in site config)
@nexpose_bot scan

# Scan Multiple IPs/Hostnames (up to 5)
@nexpose_bot scan
@nexpose_bot scan,

# Scan An Asset That Is In Multiple Sites (pick the one you want asset to be scanned as)
@nexpose_bot scan site id:123

# Scan a full site
@nexpose_bot scan site 123

# Submit a false positive
@nexpose_bot fp apache-httpd-cve-2017-15710

Installation and Development

Set up virtual environment

git clone
cd insightvm_slackbot
virtualenv -p /usr/bin/python3 .venv
source .venv/bin/activate
pip install -r requirements/common.txt
# For Dev
pip install -r requirements/dev.txt

Install helpers package

python install

Update credentials and options for the bot.

cd keys/
cp secrets.json.empty secrets.json
vim secrets.json

All values are required.

  • log_level: higher is LESS verbose. Must be 1-5 inclusive.
  • log_location: the path/to/logfile where you want to log.
  • workers: the way that we rate limit scans initiated by the bot. Use this setting to limit the number of concurrent scans the bot can invoke.
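A pre-start check for `secrets.json`, added here as an example and not part of the project's code. It assumes the keys in `secrets.json.empty` define the required set, that `log_level` and `workers` hold integers (or numeric strings), and that the file should be readable by its owner only; `example_token` is a hypothetical key name used in the constructed sample.

```python
import json
import os
import stat
import tempfile

def check_secrets(template_path, secrets_path):
    """Return a list of problems found in secrets.json (empty list means OK)."""
    with open(template_path) as fh:
        template = json.load(fh)
    with open(secrets_path) as fh:
        secrets = json.load(fh)
    problems, flagged = [], set()
    # "All values are required": every key in the template must be filled in.
    for key in template:
        value = secrets.get(key)
        if value is None or (isinstance(value, str) and not value.strip()):
            problems.append(f"{key}: missing or empty")
            flagged.add(key)
    # log_level is 1-5 inclusive; workers caps concurrent scans, so at least 1.
    for key, low, high in (("log_level", 1, 5), ("workers", 1, None)):
        if key in flagged:
            continue
        try:
            number = int(secrets[key])
        except (KeyError, TypeError, ValueError):
            problems.append(f"{key}: not an integer")
            continue
        if number < low or (high is not None and number > high):
            problems.append(f"{key}: {number} is out of range")
    # The file holds credentials (assumption: owner-only access is intended).
    mode = stat.S_IMODE(os.stat(secrets_path).st_mode)
    if mode & 0o077:
        problems.append(f"mode {mode:o}: group/other bits set, expected 600")
    return problems

def demo(token="", log_level=7, mode=0o644):
    """Run the check on constructed sample files in a temporary directory."""
    keys = ("example_token", "log_level", "log_location", "workers")
    filled = dict(zip(keys, (token, log_level, "/tmp/bot.log", 2)))
    with tempfile.TemporaryDirectory() as tmp:
        template = os.path.join(tmp, "secrets.json.empty")
        secrets = os.path.join(tmp, "secrets.json")
        with open(template, "w") as fh:
            json.dump(dict.fromkeys(keys, ""), fh)
        with open(secrets, "w") as fh:
            json.dump(filled, fh)
        os.chmod(secrets, mode)
        return check_secrets(template, secrets)

if __name__ == "__main__":
    print("\n".join(demo()) or "secrets.json OK")
```
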



Or As A Service

# Create a symlink
cd /lib/systemd/system/
ln -s /path/to/insightvm_bot/insightvm-bot.service insightvm-bot.service
cd -
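# chown follows the symlink, so this sets root ownership on the unit file inside the repo checkout.
# Keep that file and its directory writable only by root, since systemd loads the unit from there.
chown root:root /lib/systemd/system/insightvm-bot.service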
systemctl daemon-reload

# Enable / disable at startup
systemctl enable insightvm-bot
systemctl disable insightvm-bot

# Service commands
systemctl status insightvm-bot
systemctl restart insightvm-bot
systemctl start insightvm-bot
systemctl stop insightvm-bot


  • Validate user has insightvm access (to site/asset) - may require global admin user as slackbot.