0x221E/siem-integrations
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Patch: Disable example wazuh request

Browse Source
This commit is contained in:
0x221E
2026-01-28 13:16:45 +01:00
parent ff493fd8eb
commit cb461b53a5
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
custom-iris.py
View File

@@ -23,7 +23,7 @@ def main():
alert_json = json.load(f)
except Exception as e:
sys.exit(1)
"""
alert_json = {
"timestamp": "2026-01-28T10:15:10.292+0000",
"rule": {
@@ -67,19 +67,19 @@ def main():
"name": "wazuh.manager"
},
"id": "1769595310.407300",
"full_log": "43.138.192.98 - - [28/Jan/2026:10:15:09 +0000] \"GET /wp-json/ HTTP/1.1\" 404 181 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36\"",
"full_log": " - - [28/Jan/2026:10:15:09 +0000] \"GET /wp-json/ HTTP/1.1\" 404 181 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/\"",
"decoder": {
"name": "web-accesslog"
},
"data": {
"protocol": "GET",
"srcip": "43.138.192.98",
"srcip": "43.*.*.*",
"id": "404",
"url": "/wp-json/"
},
"location": "/var/log/nginx/access.log"
}
"""
client = iris_api.IrisClient(hook_url, api_key)
processor = alert.AlertProcessor()
formatted_alert = processor.process(alert_json)