Merge remote-tracking branch 'origin/TOML' into TOML

wazuh-notify-go/go.mod

@@ -3,8 +3,6 @@ module wazuh-notify
 go 1.22
 
 require (
+	github.com/BurntSushi/toml v1.4.0
 	github.com/joho/godotenv v1.5.1
-	gopkg.in/yaml.v2 v2.4.0
 )
-
-require github.com/BurntSushi/toml v1.4.0 // indirect

wazuh-notify-go/main.go

@@ -10,10 +10,11 @@ import (
 )
 
 func main() {
+	//Read config file and .env
 	configParams := services.ReadConfig()
-
+	//Parse command line flags
 	inputParams := services.ParseFlags(configParams)
-
+	//Parse wazuh input data from stdin
 	Params := services.ParseWazuhInput(inputParams)
 
 	for _, target := range strings.Split(Params.General.Targets, ", ") {

wazuh-notify-go/services/config.go

@@ -12,12 +12,12 @@ import (
 func ReadConfig() types.Params {
 
 	var configParams types.Params
-
+	//Get Path of executable location
 	baseFilePath, _ := os.Executable()
 	baseDirPath := path.Dir(baseFilePath)
-
+	//Open log file and set first message
 	log.OpenLogFile(baseDirPath)
-
+	//Load .env into environment variables
 	err := godotenv.Load(path.Join(baseDirPath, "../../etc/.env"))
 	if err != nil {
 		log.Log("env failed to load")
@@ -25,7 +25,7 @@ func ReadConfig() types.Params {
 	} else {
 		log.Log("env loaded")
 	}
-
+	//Read config file
 	tomlFile, err := os.ReadFile(path.Join(baseDirPath, "../../etc/wazuh-notify-config.toml"))
 	if err != nil {
 		log.Log("toml failed to load")

wazuh-notify-go/services/flags.go

@@ -7,17 +7,14 @@ import (
 )
 
 func ParseFlags(params types.Params) types.Params {
-
+	//Set command line flags
-	flag.StringVar(&params.Url, "url", "", "is the webhook URL of the Discord server. It is stored in .env.")
 	flag.StringVar(&params.General.Click, "click", params.General.Click, "is a link (URL) that can be followed by tapping/clicking inside the message. Default is https://google.com.")
-	flag.IntVar(&params.Priority, "priority", 0, "is the priority of the message, ranging from 1 (highest), to 5 (lowest). Default is 5.")
 	flag.StringVar(&params.General.Sender, "sender", params.General.Sender+" Golang", "is the sender of the message, either an app name or a person. The default is \"Security message\".")
-	flag.StringVar(&params.Tags, "tags", "", "is an arbitrary strings of tags (keywords), seperated by a \",\" (comma). Default is \"informational,testing,hard-coded\".")
 	flag.StringVar(&params.General.Targets, "targets", params.General.Targets, "is a list of targets to send notifications to. Default is \"discord\".")
-
+	//Get flag values
 	flag.Parse()
 
-	log.Log("params loaded")
+	log.Log("flags loaded")
 
 	return params
 }

wazuh-notify-go/services/wazuhData.go

@@ -13,23 +13,26 @@ import (
 func ParseWazuhInput(params types.Params) types.Params {
 
 	var wazuhData types.WazuhMessage
-
+	//Read stdin
 	reader := bufio.NewReader(os.Stdin)
-
+	//Decode stdin to wazuhData
 	json.NewDecoder(reader).Decode(&wazuhData)
-
+	//Parse tags
 	params.Tags += strings.Join(wazuhData.Parameters.Alert.Rule.Groups, ",")
 
 	params.WazuhMessage = wazuhData
-
+	//Map priority and color based on config
 	for i := range params.PriorityMap {
 		if slices.Contains(params.PriorityMap[i].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
+			//Check notify threshold
 			if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes%params.PriorityMap[i].NotifyThreshold != 0 {
 				log.Log("threshold not met")
 				log.CloseLogFile()
 				os.Exit(0)
 			}
+			//Set color based on config map
 			params.Color = params.PriorityMap[i].Color
+			//Check mention threshold
 			if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMap[i].MentionThreshold {
 				params.Mention = "@here"
 			}
@@ -38,7 +41,7 @@ func ParseWazuhInput(params types.Params) types.Params {
 	}
 
 	log.Log("Wazuh data loaded")
-
+	//Filter messages based on rules defined in config
 	Filter(params)
 
 	return params

wazuh-notify-go/targets/discord/discord.go

@@ -11,11 +11,11 @@ import (
 )
 
 func SendDiscord(params types.Params) {
-
+	//Build message content
 	embedDescription := services.BuildMessage(params, "discord", params.MarkdownEmphasis.Discord) +
 		"**Tags:** " + params.Tags + "\n\n" +
 		params.General.Click
-
+	//Build message
 	message := DiscordMessage{
 		Username: params.General.Sender,
 		Content:  params.Mention,
@@ -29,12 +29,12 @@ func SendDiscord(params types.Params) {
 	}
 
 	payload := new(bytes.Buffer)
-
+	//Parse message to json
 	err := json.NewEncoder(payload).Encode(message)
 	if err != nil {
 		return
 	}
-
+	//Send message to webhook
 	_, err = http.Post(os.Getenv("DISCORD_URL"), "application/json", payload)
 	if err != nil {
 		log.Fatalf("An Error Occured %v", err)

wazuh-notify-go/targets/ntfy/ntfy.go

@@ -10,14 +10,14 @@ import (
 )
 
 func SendNtfy(params types.Params) {
-
+	//Create request and build message
 	req, _ := http.NewRequest(
 		"POST",
 		os.Getenv("NTFY_URL"),
 		strings.NewReader(" "+services.BuildMessage(params, "ntfy", params.MarkdownEmphasis.Ntfy)))
 
 	req.Header.Set("Content-Type", "text/markdown")
-
+	//Set headers if not empty
 	if params.General.Sender != "" {
 		req.Header.Add("Title", params.General.Sender)
 	}
@@ -30,6 +30,6 @@ func SendNtfy(params types.Params) {
 	if params.Priority != 0 {
 		req.Header.Add("Priority", strconv.Itoa(params.Priority))
 	}
-
+	//Send request
 	http.DefaultClient.Do(req)
 }

wazuh-notify-go/targets/slack/slack.go

@@ -11,7 +11,7 @@ import (
 )
 
 func SendSlack(params types.Params) {
-
+	//Build message
 	message := SlackMessage{
 		Text: services.BuildMessage(params, "slack", params.MarkdownEmphasis.Slack) +
 			"*Tags:* " + params.Tags + "\n\n" +
@@ -19,12 +19,12 @@ func SendSlack(params types.Params) {
 	}
 
 	payload := new(bytes.Buffer)
-
+	//Parse message to json
 	err := json.NewEncoder(payload).Encode(message)
 	if err != nil {
 		return
 	}
-
+	//Send message to webhook
 	_, err = http.Post(os.Getenv("SLACK_URL"), "application/json", payload)
 	if err != nil {
 		log.Fatalf("An Error Occured %v", err)