message builder refactor

2024-05-27 14:16:50 +02:00 · 2024-05-27 14:16:50 +02:00 · 2bc675b150
commit 2bc675b150
parent c6f365ff54
5 changed files with 55 additions and 96 deletions
--- a/wazuh-notify-go/notification/discord.go
+++ b/wazuh-notify-go/notification/discord.go
@ -6,46 +6,17 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"slices"
 	"strconv"
-	"strings"
-	"time"
+	"wazuh-notify/services"
 	"wazuh-notify/types"
 )

 func SendDiscord(params types.Params) {

-	var embedDescription string
-
-	if slices.Contains(strings.Split(params.General.FullAlert, ","), "discord") {
-		fullAlert, _ := json.MarshalIndent(params.WazuhMessage, "", "  ")
-		fullAlertString := strings.ReplaceAll(string(fullAlert), `"`, "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "{", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "}", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "[", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "]", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, " ,", "")
-
-		embedDescription = "\n\n ```" +
-			fullAlertString +
-			"```\n\n" +
-			"Priority: " + strconv.Itoa(params.Priority) + "\n" +
-			"Tags: " + params.Tags + "\n\n" +
-			params.General.Click
-	} else {
-		embedDescription = "\n\n" +
-			"**Timestamp: **" + time.Now().Format(time.DateTime) + "\n" +
-			"**Agent:** " + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" +
-			"**Event id:** " + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" +
-			"**Rule:** " + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" +
-			"**Description: **" + params.WazuhMessage.Parameters.Alert.FullLog + "\n" +
-			"**Threat level:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" +
-			"**Times fired:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) +
-			"\n\n" +
+	embedDescription := services.BuildMessage(params, "discord", params.MarkdownEmphasis.Discord) +
 		"**Priority:** " + strconv.Itoa(params.Priority) + "\n" +
 		"**Tags:** " + params.Tags + "\n\n" +
 		params.General.Click
-	}

 	message := types.DiscordMessage{
 		Username: params.General.Sender,
--- a/wazuh-notify-go/notification/ntfy.go
+++ b/wazuh-notify-go/notification/ntfy.go
@ -1,42 +1,21 @@
 package notification

 import (
-	"encoding/json"
 	"net/http"
 	"os"
-	"slices"
 	"strconv"
 	"strings"
-	"time"
+	"wazuh-notify/services"
 	"wazuh-notify/types"
 )

 func SendNtfy(params types.Params) {

-	var payload string
+	req, _ := http.NewRequest(
+		"POST",
+		os.Getenv("NTFY_URL"),
+		strings.NewReader(services.BuildMessage(params, "ntfy", params.MarkdownEmphasis.Ntfy)))

-	if slices.Contains(strings.Split(params.General.FullAlert, ","), "discord") {
-		fullAlert, _ := json.MarshalIndent(params.WazuhMessage, "", "  ")
-		fullAlertString := strings.ReplaceAll(string(fullAlert), `"`, "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "{", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "}", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "[", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "]", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, " ,", "")
-
-		payload = "\n\n ```" +
-			fullAlertString +
-			"```"
-	} else {
-		payload = time.Now().Format(time.RFC3339) + "\n\n" +
-			"**Agent:** " + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" +
-			"**Event id:** " + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" +
-			"**Description:** " + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" +
-			"**Threat level:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" +
-			"**Times fired:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) + "\n"
-	}
-
-	req, _ := http.NewRequest("POST", os.Getenv("NTFY_URL"), strings.NewReader(payload))
 	req.Header.Set("Content-Type", "text/markdown")

 	if params.General.Sender != "" {
--- a/wazuh-notify-go/notification/slack.go
+++ b/wazuh-notify-go/notification/slack.go
@ -6,49 +6,18 @@ import (
 	"log"
 	"net/http"
 	"os"
-	"slices"
 	"strconv"
-	"strings"
-	"time"
+	"wazuh-notify/services"
 	"wazuh-notify/types"
 )

 func SendSlack(params types.Params) {

-	var embedDescription string
-
-	if slices.Contains(strings.Split(params.General.FullAlert, ","), "slack") {
-		fullAlert, _ := json.MarshalIndent(params.WazuhMessage, "", "  ")
-		fullAlertString := strings.ReplaceAll(string(fullAlert), `"`, "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "{", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "}", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "[", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, "]", "")
-		fullAlertString = strings.ReplaceAll(fullAlertString, " ,", "")
-
-		embedDescription = "\n\n ```" +
-			fullAlertString +
-			"```\n\n" +
-			"Priority: " + strconv.Itoa(params.Priority) + "\n" +
-			"Tags: " + params.Tags + "\n\n" +
-			params.General.Click
-	} else {
-		embedDescription = "\n\n" +
-			"*Timestamp:* " + time.Now().Format(time.DateTime) + "\n" +
-			"*Agent:* " + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" +
-			"*Event id:* " + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" +
-			"*Rule:* " + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" +
-			"*Description:* " + params.WazuhMessage.Parameters.Alert.FullLog + "\n" +
-			"*Threat level:* " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" +
-			"*Times fired:* " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) +
-			"\n\n" +
+	message := types.SlackMessage{
+		Text: services.BuildMessage(params, "slack", params.MarkdownEmphasis.Slack) +
 			"*Priority:* " + strconv.Itoa(params.Priority) + "\n" +
 			"*Tags:* " + params.Tags + "\n\n" +
-			params.General.Click
-	}
-
-	message := types.SlackMessage{
-		Text: embedDescription,
+			params.General.Click,
 	}

 	payload := new(bytes.Buffer)
--- a/wazuh-notify-go/services/init.go
+++ b/wazuh-notify-go/services/init.go
@ -64,6 +64,7 @@ func InitNotify() types.Params {
 	inputParams.General.ExcludedAgents = configParams.General.ExcludedAgents
 	inputParams.General.ExcludedRules = configParams.General.ExcludedRules
 	inputParams.PriorityMap = configParams.PriorityMap
+	inputParams.MarkdownEmphasis = configParams.MarkdownEmphasis

 	wazuhInput()

--- a/wazuh-notify-go/services/messageBuilder.go
+++ b/wazuh-notify-go/services/messageBuilder.go
@ -0,0 +1,39 @@
+package services
+
+import (
+	"encoding/json"
+	"fmt"
+	"slices"
+	"strconv"
+	"strings"
+	"time"
+	"wazuh-notify/types"
+)
+
+func BuildMessage(params types.Params, target string, emphasis string) string {
+
+	if slices.Contains(strings.Split(params.General.FullAlert, ","), target) {
+		fullAlert, _ := json.MarshalIndent(params.WazuhMessage, "", "  ")
+		fullAlertString := strings.ReplaceAll(string(fullAlert), `"`, "")
+		fullAlertString = strings.ReplaceAll(fullAlertString, "{", "")
+		fullAlertString = strings.ReplaceAll(fullAlertString, "}", "")
+		fullAlertString = strings.ReplaceAll(fullAlertString, "[", "")
+		fullAlertString = strings.ReplaceAll(fullAlertString, "]", "")
+		fullAlertString = strings.ReplaceAll(fullAlertString, " ,", "")
+
+		return "\n\n ```" +
+			fullAlertString +
+			"```\n\n"
+	} else {
+		return "\n\n" +
+			fmt.Sprintf("%sTimestamp:%s ", emphasis, emphasis) + time.Now().Format(time.DateTime) + "\n" +
+			fmt.Sprintf("%sAgent:%s ", emphasis, emphasis) + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" +
+			fmt.Sprintf("%sEvent id:%s ", emphasis, emphasis) + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" +
+			fmt.Sprintf("%sRule:%s ", emphasis, emphasis) + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" +
+			fmt.Sprintf("%sDescription:%s ", emphasis, emphasis) + params.WazuhMessage.Parameters.Alert.FullLog + "\n" +
+			fmt.Sprintf("%sThreat level:%s ", emphasis, emphasis) + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" +
+			fmt.Sprintf("%sTimes fired:%s ", emphasis, emphasis) + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) +
+			"\n\n"
+
+	}
+}