wazuh-notify/wazuh-notify-go/services/init.go

package services

import (
	"bufio"
	"encoding/json"
	"flag"
	"github.com/joho/godotenv"
	"gopkg.in/yaml.v2"
	"os"
	"path"
	"slices"
	"strings"
	"wazuh-notify/log"
	"wazuh-notify/types"
)

var inputParams types.Params
var configParams types.Params
var wazuhData types.WazuhMessage

func InitNotify() types.Params {
	BaseFilePath, _ := os.Executable()
	BaseDirPath := path.Dir(BaseFilePath)

	log.OpenLogFile(BaseDirPath)

	err := godotenv.Load(path.Join(BaseDirPath, "../../etc/.env"))
	if err != nil {
		log.Log("env failed to load")
		godotenv.Load(path.Join(BaseDirPath, ".env"))
	} else {
		log.Log("env loaded")
	}

	yamlFile, err := os.ReadFile(path.Join(BaseDirPath, "../../etc/wazuh-notify-config.yaml"))
	if err != nil {
		log.Log("yaml failed to load")
		yamlFile, err = os.ReadFile(path.Join(BaseDirPath, "wazuh-notify-config.yaml"))
	}
	err = yaml.Unmarshal(yamlFile, &configParams)
	if err != nil {
		print(err)
	}

	log.Log("yaml loaded")
	configParamString, _ := json.Marshal(configParams)
	log.Log(string(configParamString))

	flag.StringVar(&inputParams.Url, "url", "", "is the webhook URL of the Discord server. It is stored in .env.")
	flag.StringVar(&inputParams.Click, "click", configParams.Click, "is a link (URL) that can be followed by tapping/clicking inside the message. Default is https://google.com.")
	flag.IntVar(&inputParams.Priority, "priority", 0, "is the priority of the message, ranging from 1 (highest), to 5 (lowest). Default is 5.")
	flag.StringVar(&inputParams.Sender, "sender", configParams.Sender, "is the sender of the message, either an app name or a person. The default is \"Security message\".")
	flag.StringVar(&inputParams.Tags, "tags", "", "is an arbitrary strings of tags (keywords), seperated by a \",\" (comma). Default is \"informational,testing,hard-coded\".")
	flag.StringVar(&inputParams.Targets, "targets", "", "is a list of targets to send notifications to. Default is \"discord\".")

	flag.Parse()

	log.Log("params loaded")
	inputParamString, _ := json.Marshal(inputParams)
	log.Log(string(inputParamString))

	inputParams.Targets = configParams.Targets
	inputParams.FullMessage = configParams.FullMessage
	inputParams.ExcludedAgents = configParams.ExcludedAgents
	inputParams.ExcludedRules = configParams.ExcludedRules
	inputParams.PriorityMaps = configParams.PriorityMaps

	wazuhInput()

	return inputParams
}

func wazuhInput() {
	reader := bufio.NewReader(os.Stdin)

	json.NewDecoder(reader).Decode(&wazuhData)

	for i, _ := range configParams.PriorityMaps {
		if slices.Contains(configParams.PriorityMaps[i].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
			inputParams.Color = inputParams.PriorityMaps[i].Color
			if inputParams.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= inputParams.PriorityMaps[i].MentionThreshold {
				inputParams.Mention = "@here"
			}
			inputParams.Priority = 5 - i
		}
	}

	inputParams.Tags += strings.Join(wazuhData.Parameters.Alert.Rule.Groups, ",")

	inputParams.WazuhMessage = wazuhData

	Filter()

	log.Log("Wazuh data loaded")
	inputParamString, _ := json.Marshal(inputParams)
	log.Log(string(inputParamString))
}
semi-final python go final 2024-05-09 15:27:45 +02:00			`package services`
go functional mirror added 2024-05-08 01:56:48 +02:00
			`import (`
semi-final python go final 2024-05-09 15:27:45 +02:00			`"bufio"`
			`"encoding/json"`
go functional mirror added 2024-05-08 01:56:48 +02:00			`"flag"`
			`"github.com/joho/godotenv"`
			`"gopkg.in/yaml.v2"`
			`"os"`
file location fix 2024-05-09 17:52:16 +02:00			`"path"`
alot of ifs to loop 2024-05-13 16:03:00 +02:00			`"slices"`
priority + tags fix 2024-05-09 21:00:24 +02:00			`"strings"`
semi-final python go final 2024-05-09 15:27:45 +02:00			`"wazuh-notify/log"`
go functional mirror added 2024-05-08 01:56:48 +02:00			`"wazuh-notify/types"`
			`)`

semi-final python go final 2024-05-09 15:27:45 +02:00			`var inputParams types.Params`
go functional mirror added 2024-05-08 01:56:48 +02:00			`var configParams types.Params`
semi-final python go final 2024-05-09 15:27:45 +02:00			`var wazuhData types.WazuhMessage`
go functional mirror added 2024-05-08 01:56:48 +02:00
semi-final python go final 2024-05-09 15:27:45 +02:00			`func InitNotify() types.Params {`
fix path 2024-05-09 23:19:59 +02:00			`BaseFilePath, _ := os.Executable()`
			`BaseDirPath := path.Dir(BaseFilePath)`
import fix 2024-05-09 23:20:52 +02:00
fix path 2024-05-09 23:19:59 +02:00			`log.OpenLogFile(BaseDirPath)`
file location fix 2024-05-09 17:52:16 +02:00
fix path 2024-05-09 23:19:59 +02:00			`err := godotenv.Load(path.Join(BaseDirPath, "../../etc/.env"))`
go functional mirror added 2024-05-08 01:56:48 +02:00			`if err != nil {`
semi-final python go final 2024-05-09 15:27:45 +02:00			`log.Log("env failed to load")`
fix path 2024-05-09 23:19:59 +02:00			`godotenv.Load(path.Join(BaseDirPath, ".env"))`
semi-final python go final 2024-05-09 15:27:45 +02:00			`} else {`
			`log.Log("env loaded")`
go functional mirror added 2024-05-08 01:56:48 +02:00			`}`

fix path 2024-05-09 23:19:59 +02:00			`yamlFile, err := os.ReadFile(path.Join(BaseDirPath, "../../etc/wazuh-notify-config.yaml"))`
file location fix 2024-05-09 17:52:16 +02:00			`if err != nil {`
			`log.Log("yaml failed to load")`
fix path 2024-05-09 23:19:59 +02:00			`yamlFile, err = os.ReadFile(path.Join(BaseDirPath, "wazuh-notify-config.yaml"))`
file location fix 2024-05-09 17:52:16 +02:00			`}`
mentions added priority map refactor 2024-05-13 14:44:32 +02:00			`err = yaml.Unmarshal(yamlFile, &configParams)`
			`if err != nil {`
			`print(err)`
			`}`
yaml update 2024-05-08 15:09:35 +02:00
semi-final python go final 2024-05-09 15:27:45 +02:00			`log.Log("yaml loaded")`
log improve 2024-05-09 23:27:21 +02:00			`configParamString, _ := json.Marshal(configParams)`
			`log.Log(string(configParamString))`
semi-final python go final 2024-05-09 15:27:45 +02:00
			`flag.StringVar(&inputParams.Url, "url", "", "is the webhook URL of the Discord server. It is stored in .env.")`
yaml update 2024-05-08 15:09:35 +02:00			`flag.StringVar(&inputParams.Click, "click", configParams.Click, "is a link (URL) that can be followed by tapping/clicking inside the message. Default is https://google.com.")`
go functional mirror added 2024-05-08 01:56:48 +02:00			`flag.IntVar(&inputParams.Priority, "priority", 0, "is the priority of the message, ranging from 1 (highest), to 5 (lowest). Default is 5.")`
yaml update 2024-05-08 15:09:35 +02:00			`flag.StringVar(&inputParams.Sender, "sender", configParams.Sender, "is the sender of the message, either an app name or a person. The default is \"Security message\".")`
go functional mirror added 2024-05-08 01:56:48 +02:00			`flag.StringVar(&inputParams.Tags, "tags", "", "is an arbitrary strings of tags (keywords), seperated by a \",\" (comma). Default is \"informational,testing,hard-coded\".")`
			`flag.StringVar(&inputParams.Targets, "targets", "", "is a list of targets to send notifications to. Default is \"discord\".")`

			`flag.Parse()`
semi-final python go final 2024-05-09 15:27:45 +02:00
file location fix 2024-05-09 17:52:16 +02:00			`log.Log("params loaded")`
log improve 2024-05-09 23:27:21 +02:00			`inputParamString, _ := json.Marshal(inputParams)`
			`log.Log(string(inputParamString))`

wazuh reader 2024-05-09 12:24:44 +02:00			`inputParams.Targets = configParams.Targets`
exclude rules added full message added 2024-05-10 14:23:54 +02:00			`inputParams.FullMessage = configParams.FullMessage`
			`inputParams.ExcludedAgents = configParams.ExcludedAgents`
			`inputParams.ExcludedRules = configParams.ExcludedRules`
mentions added priority map refactor 2024-05-13 14:44:32 +02:00			`inputParams.PriorityMaps = configParams.PriorityMaps`
semi-final python go final 2024-05-09 15:27:45 +02:00
priority + tags fix 2024-05-09 21:00:24 +02:00			`wazuhInput()`

semi-final python go final 2024-05-09 15:27:45 +02:00			`return inputParams`
			`}`

			`func wazuhInput() {`
			`reader := bufio.NewReader(os.Stdin)`

			`json.NewDecoder(reader).Decode(&wazuhData)`

alot of ifs to loop 2024-05-13 16:03:00 +02:00			`for i, _ := range configParams.PriorityMaps {`
			`if slices.Contains(configParams.PriorityMaps[i].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {`
			`inputParams.Color = inputParams.PriorityMaps[i].Color`
			`if inputParams.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= inputParams.PriorityMaps[i].MentionThreshold {`
			`inputParams.Mention = "@here"`
			`}`
			`inputParams.Priority = 5 - i`
			`}`
			`}`
priority + tags fix 2024-05-09 21:00:24 +02:00
			`inputParams.Tags += strings.Join(wazuhData.Parameters.Alert.Rule.Groups, ",")`
semi-final python go final 2024-05-09 15:27:45 +02:00
			`inputParams.WazuhMessage = wazuhData`
log improve 2024-05-09 23:27:21 +02:00
exclude rules added full message added 2024-05-10 14:23:54 +02:00			`Filter()`

log improve 2024-05-09 23:27:21 +02:00			`log.Log("Wazuh data loaded")`
			`inputParamString, _ := json.Marshal(inputParams)`
			`log.Log(string(inputParamString))`
go functional mirror added 2024-05-08 01:56:48 +02:00			`}`