Skip to main content

runZero

Visualize runZero (previously called Rumble) organizations, users, and assets, map users to employees, discover vulnerable OS assets, and monitor changes through queries and alerts.

Installation

info

For this integration, you can configure the runZero integration using either an Account API Key or a single Export Token. The Export Token has more limited read-only permissions which will limit the data that is collected in JupiterOne.

Configuration in runZero

For this integration, you can configure the runZero integration using either an Account API Key or a single Export Token. The Export Token has more limited read-only permissions which will limit the data that is collected in JupiterOne.

API Key method

This method is recommended for instances where there are multiple organizations that you wish to ingest data into JupiterOne. It also provides a larger set of ingested entities than solely using an Export Token. You must have a runZero Enterprise License to utilize this method.

To configure this integration via API key, follow the below instructions:

Account API Key Generation

  1. Navigate to the runZero Console.
  2. In the navigation bar, go to Account.
  3. On the Account page under the Account API keys section, click Generate API Key.
  4. A new Account API Key will be created. Copy this key as it will be used in JupiterOne.

Export Token Generation

Next, you'll need to generate an export token for each organization whose assets, services, and wireless data you want to include in the JupiterOne graph. The integration will automatically collect these tokens if they are present. Organizations without export tokens will not have assets, services, or wireless data ingested.

  1. Navigate to the runZero Console
  2. In the navigation bar, go to Organizations
  3. Click on the organization in which you want to create an Export Token
  4. Press the Generate Export Token button.
  5. Repeat for all organizations whose data you want to ingest.

Export Token method

This method is typically suggested if there is only a single organization for which you intend to populate data into JupiterOne.

If you wish to utilize an Export Token rather than use API credentials, ensure that you have admin access to the runZero organization and follow the below steps for obtaining your Export Token for use with JupiterOne.

To generate the Export Token:

  1. Navigate to the runZero Console
  2. In the navigation bar, go to Organizations
  3. Click on the organization in which you want to create an Export Token
  4. Press the Generate Export Token button.
  5. Copy your Export Token for use in JupiterOne

Configuration in JupiterOne

To install the runZero integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select runZero. Click New Instance to begin configuring your integration.

Creating a configuration requires the following:

  • The Account Name used to identify the runZero account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • Lastly, depending on your authentication preference, input either of the following credentials:

    • For configuring the integration with an Account API Key then put the key in the runZero Account API Key field.
    • For configuring the integration with an Export Token, provide the token in the Export Token field.

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.