wazuh-notify/wazuh-notify-config.yaml

---
#start of yaml

# This is the yaml config file for both the wazuh-ntfy-notifier.py and wazuh-discord-notifier.py.
# The yaml needs to be in the same folder as the wazuh-ntfy-notifier.py and wazuh-discord-notifier.py

targets: "discord, ntfy"
full_message: "discord, ntfy"

# Exclude rules that are listed in the ossec.conf active response definition.

excluded_rules: "5401, 5403"
excluded_agents: "999"

# Priority mapping from 0-15 (Wazuh events: threat levels) to 1-5 ( in notification)
# https://documentation.wazuh.com/current/user-manual/ruleset/rules-classification.html

priority_5: [ 15,14,13,12 ]
priority_4: [ 11,10,9 ]
priority_3: [ 8,7,6 ]
priority_2: [ 5,4 ]
priority_1: [ 3,2,1,0 ]

sender: "Wazuh (IDS)"
click: "https://google.com"


#end of yaml
...
after active-response fixes 2024-05-11 19:59:49 +02:00			`---`
			`#start of yaml`

			`# This is the yaml config file for both the wazuh-ntfy-notifier.py and wazuh-discord-notifier.py.`
			`# The yaml needs to be in the same folder as the wazuh-ntfy-notifier.py and wazuh-discord-notifier.py`

			`targets: "discord, ntfy"`
			`full_message: "discord, ntfy"`

			`# Exclude rules that are listed in the ossec.conf active response definition.`

			`excluded_rules: "5401, 5403"`
			`excluded_agents: "999"`

			`# Priority mapping from 0-15 (Wazuh events: threat levels) to 1-5 ( in notification)`
			`# https://documentation.wazuh.com/current/user-manual/ruleset/rules-classification.html`

			`priority_5: [ 15,14,13,12 ]`
			`priority_4: [ 11,10,9 ]`
			`priority_3: [ 8,7,6 ]`
			`priority_2: [ 5,4 ]`
			`priority_1: [ 3,2,1,0 ]`

			`sender: "Wazuh (IDS)"`
			`click: "https://google.com"`


			`#end of yaml`
			`...`