Merge remote-tracking branch 'origin/master'

2024-05-18 21:26:23 +02:00 · 2024-05-18 21:26:23 +02:00 · 5fa2bc0338
commit 5fa2bc0338
parent 09329e0bc2 09f26a10dc
4 changed files with 15 additions and 57 deletions
--- a/wazuh-notify-go/notification/discord.go
+++ b/wazuh-notify-go/notification/discord.go
@ -45,45 +45,14 @@ func SendDiscord(params types.Params) {
 			params.Click
 	}

-	var color int
-	var mention string
-
-	switch params.Priority {
-	case 1:
-		color = params.PriorityMaps[4].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[4].MentionThreshold {
-			mention = "@here"
-		}
-	case 2:
-		color = params.PriorityMaps[3].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[3].MentionThreshold {
-			mention = "@here"
-		}
-	case 3:
-		color = params.PriorityMaps[2].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[2].MentionThreshold {
-			mention = "@here"
-		}
-	case 4:
-		color = params.PriorityMaps[1].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[1].MentionThreshold {
-			mention = "@here"
-		}
-	case 5:
-		color = params.PriorityMaps[0].Color
-		if params.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= params.PriorityMaps[0].MentionThreshold {
-			mention = "@here"
-		}
-	}
-
 	message := types.Message{
 		Username: params.Sender,
-		Content:  mention,
+		Content:  params.Mention,
 		Embeds: []types.Embed{
 			{
 				Title:       params.Sender,
 				Description: embedDescription,
-				Color:       color,
+				Color:       params.Color,
 			},
 		},
 	}
--- a/wazuh-notify-go/services/init.go
+++ b/wazuh-notify-go/services/init.go
@ -8,6 +8,7 @@ import (
 	"gopkg.in/yaml.v2"
 	"os"
 	"path"
+	"slices"
 	"strings"
 	"wazuh-notify/log"
 	"wazuh-notify/types"
@ -74,12 +75,20 @@ func wazuhInput() {

 	json.NewDecoder(reader).Decode(&wazuhData)

-	inputParams.Priority = mapPriority()
-
 	inputParams.Tags += strings.Join(wazuhData.Parameters.Alert.Rule.Groups, ",")

 	inputParams.WazuhMessage = wazuhData

+	for i, _ := range configParams.PriorityMaps {
+		if slices.Contains(configParams.PriorityMaps[i].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
+			inputParams.Color = inputParams.PriorityMaps[i].Color
+			if inputParams.WazuhMessage.Parameters.Alert.Rule.Firedtimes >= inputParams.PriorityMaps[i].MentionThreshold {
+				inputParams.Mention = "@here"
+			}
+			inputParams.Priority = 5 - i
+		}
+	}
+
 	Filter()

 	log.Log("Wazuh data loaded")
--- a/wazuh-notify-go/services/mapping.go
+++ b/wazuh-notify-go/services/mapping.go
@ -1,22 +0,0 @@
-package services
-
-import "slices"
-
-func mapPriority() int {
-	if slices.Contains(configParams.PriorityMaps[4].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 1
-	}
-	if slices.Contains(configParams.PriorityMaps[3].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 2
-	}
-	if slices.Contains(configParams.PriorityMaps[2].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 3
-	}
-	if slices.Contains(configParams.PriorityMaps[1].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 4
-	}
-	if slices.Contains(configParams.PriorityMaps[0].ThreatMap, wazuhData.Parameters.Alert.Rule.Level) {
-		return 5
-	}
-	return 0
-}
--- a/wazuh-notify-go/types/types.go
+++ b/wazuh-notify-go/types/types.go
@ -10,6 +10,8 @@ type Params struct {
 	FullMessage    string `yaml:"full_message,omitempty"`
 	ExcludedRules  string `yaml:"excluded_rules,omitempty"`
 	ExcludedAgents string `yaml:"excluded_agents,omitempty"`
+	Color          int
+	Mention        string
 	WazuhMessage   WazuhMessage
 	PriorityMaps   []PriorityMap `yaml:"priority_map"`
 }