klein-projects/wazuh-notify
2
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases 2 Wiki Activity

ntfy change

Browse Source
This commit is contained in:
Darius 2024-05-27 13:59:28 +02:00
parent 9a1f982ea6
commit c6f365ff54
2 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
wazuh-notify-config.toml
View File

@ -24,26 +24,31 @@ click = "https://documentation.wazuh.com/"
[[priority_map]] [[priority_map]]
threat_map = [15, 14, 13, 12] threat_map = [15, 14, 13, 12]
mention_threshold = 1 mention_threshold = 1
notify_threshold = 1
color = 0xec3e40 # Red, SEVERE color = 0xec3e40 # Red, SEVERE
[[priority_map]] [[priority_map]]
threat_map = [11, 10, 9] threat_map = [11, 10, 9]
mention_threshold = 1 mention_threshold = 1
notify_threshold = 1
color = 0xff9b2b # Orange, HIGH color = 0xff9b2b # Orange, HIGH
[[priority_map]] [[priority_map]]
threat_map = [8, 7, 6] threat_map = [8, 7, 6]
mention_threshold = 5 mention_threshold = 5
notify_threshold = 5
color = 0xf5d800 # Yellow, ELEVATED color = 0xf5d800 # Yellow, ELEVATED
[[priority_map]] [[priority_map]]
threat_map = [5, 4] threat_map = [5, 4]
mention_threshold = 20 mention_threshold = 20
notify_threshold = 5
color = 0x377fc7 # Blue, GUARDED color = 0x377fc7 # Blue, GUARDED
[[priority_map]] [[priority_map]]
threat_map = [3, 2, 1, 0] threat_map = [3, 2, 1, 0]
mention_threshold = 20 mention_threshold = 20
notify_threshold = 5
color = 0x01a465 # Green, LOW color = 0x01a465 # Green, LOW
################ End of priority mapping ################################## ################ End of priority mapping ##################################

12
wazuh-notify-go/notification/ntfy.go
View File

@ -29,15 +29,15 @@ func SendNtfy(params types.Params) {
"```" "```"
} else { } else {
payload = time.Now().Format(time.RFC3339) + "\n\n" + payload = time.Now().Format(time.RFC3339) + "\n\n" +
"Agent: " + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" + "**Agent:** " + params.WazuhMessage.Parameters.Alert.Agent.Name + "\n" +
"Event id: " + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" + "**Event id:** " + params.WazuhMessage.Parameters.Alert.Rule.ID + "\n" +
"Description: " + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" + "**Description:** " + params.WazuhMessage.Parameters.Alert.Rule.Description + "\n" +
"Threat level: " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" + "**Threat level:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Level) + "\n" +
"Times fired: " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) + "\n" "**Times fired:** " + strconv.Itoa(params.WazuhMessage.Parameters.Alert.Rule.Firedtimes) + "\n"
} }
req, _ := http.NewRequest("POST", os.Getenv("NTFY_URL"), strings.NewReader(payload)) req, _ := http.NewRequest("POST", os.Getenv("NTFY_URL"), strings.NewReader(payload))
req.Header.Set("Content-Type", "text/plain") req.Header.Set("Content-Type", "text/markdown")
if params.General.Sender != "" { if params.General.Sender != "" {
req.Header.Add("Title", params.General.Sender) req.Header.Add("Title", params.General.Sender)