added filter based on description

.github/workflows/golang.yml

@@ -32,3 +32,4 @@ jobs:
         tag_name: Golang-vx.x.x
         files: |
           wazuh-notify-go/wazuh-notify
+          wazuh-notify-go/wazuh-notify-config.toml

wazuh-notify-go/go.mod

@@ -1,6 +1,6 @@
 module wazuh-notify
 
-go 1.22
+go 1.23
 
 require (
 	github.com/BurntSushi/toml v1.4.0

wazuh-notify-go/services/filters.go

@@ -22,4 +22,11 @@ func Filter(params types.Params) {
 			os.Exit(0)
 		}
 	}
+	for _, description := range params.General.ExcludedDescription {
+		if strings.Contains(params.WazuhMessage.Parameters.Alert.FullLog, description) {
+			log.Log("excluded based on description")
+			log.CloseLogFile()
+			os.Exit(0)
+		}
+	}
 }

wazuh-notify-go/types/params.go

@@ -13,12 +13,13 @@ type Params struct {
 }
 
 type General struct {
-	Targets        string `toml:"targets"`
-	FullAlert      string `toml:"full_alert"`
-	ExcludedRules  string `toml:"excluded_rules"`
-	ExcludedAgents string `toml:"excluded_agents"`
-	Sender         string `toml:"sender"`
-	Click          string `toml:"click"`
+	Targets             string   `toml:"targets"`
+	FullAlert           string   `toml:"full_alert"`
+	ExcludedRules       string   `toml:"excluded_rules"`
+	ExcludedAgents      string   `toml:"excluded_agents"`
+	Sender              string   `toml:"sender"`
+	Click               string   `toml:"click"`
+	ExcludedDescription []string `toml:"exclude_descriptions"`
 }
 type PriorityMap struct {
 	ThreatMap        []int `toml:"threat_map"`

wazuh-notify-go/wazuh-notify-config.toml

@@ -14,6 +14,12 @@ full_alert = ""
 excluded_rules = "99999, 00000"
 excluded_agents = "99999"
 
+# Exclude specific rules by string contained in description
+# These settings provide an easier way to disable events from firing the notifiers.
+exclude_descriptions = [
+    ""
+]
+
 # The next 2 settings are used to add information to the messages.
 sender = "Wazuh (IDS)"
 click = "https://documentation.wazuh.com/"