Merge remote-tracking branch 'origin/master'

wazuh-notify-go/notification/discord.go

@@ -45,45 +45,14 @@ func SendDiscord(params types.Params) {
 			params.Click
 	}
 
-	var color int
-	var mention string
-
-	switch params.Priority {
-	case 1:
-		color = params.PriorityMaps[4].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[4].MentionThreshold {
-			mention = "@here"
-		}
-	case 2:
-		color = params.PriorityMaps[3].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[3].MentionThreshold {
-			mention = "@here"
-		}
-	case 3:
-		color = params.PriorityMaps[2].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[2].MentionThreshold {
-			mention = "@here"
-		}
-	case 4:
-		color = params.PriorityMaps[1].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[1].MentionThreshold {
-			mention = "@here"
-		}
-	case 5:
-		color = params.PriorityMaps[0].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[0].MentionThreshold {
-			mention = "@here"
-		}
-	}
-
 	message := types.Message{
 		Username: params.Sender,
-		Content:  mention,
+		Content:  params.Mention,
 		Embeds: []types.Embed{
 			{
 				Title:       params.Sender,
 				Description: embedDescription,
-				Color:       color,
+				Color:       params.Color,
 			},
 		},
 	}

wazuh-notify-go/services/init.go

@@ -8,6 +8,7 @@ import (
 	"gopkg.in/yaml.v2"
 	"os"
 	"path"
+	"slices"
 	"strings"
 	"wazuh-notify/log"
 	"wazuh-notify/types"
@@ -74,12 +75,20 @@ func wazuhInput() {
 
 	json.NewDecoder(reader).Decode(&wazuhData)
 
-	inputParams.Priority = mapPriority()
-
 	inputParams.Tags += strings.Join(wazuhData.Parameters.Alert.Rule.Groups, ",")
 
 	inputParams.WazuhMessage = wazuhData
 
+	for i, _ := range configParams.PriorityMaps {
+		if slices.Contains(configParams.PriorityMaps[i].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
+			inputParams.Color = inputParams.PriorityMaps[i].Color
+			if inputParams.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= inputParams.PriorityMaps[i].MentionThreshold {
+				inputParams.Mention = "@here"
+			}
+			inputParams.Priority = 5 - i
+		}
+	}
+
 	Filter()
 
 	log.Log("Wazuh data loaded")

wazuh-notify-go/services/mapping.go

@@ -1,22 +0,0 @@
-package services
-
-import "slices"
-
-func mapPriority() int {
-	if slices.Contains(configParams.PriorityMaps[4].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 1
-	}
-	if slices.Contains(configParams.PriorityMaps[3].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 2
-	}
-	if slices.Contains(configParams.PriorityMaps[2].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 3
-	}
-	if slices.Contains(configParams.PriorityMaps[1].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 4
-	}
-	if slices.Contains(configParams.PriorityMaps[0].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 5
-	}
-	return 0
-}

wazuh-notify-go/types/types.go

@@ -10,6 +10,8 @@ type Params struct {
 	FullMessage    string `yaml:"full_message,omitempty"`
 	ExcludedRules  string `yaml:"excluded_rules,omitempty"`
 	ExcludedAgents string `yaml:"excluded_agents,omitempty"`
+	Color          int
+	Mention        string
 	WazuhMessage   WazuhMessage
 	PriorityMaps   []PriorityMap `yaml:"priority_map"`
 }