wazuh reader

2024-05-09 12:24:44 +02:00 · 2024-05-09 12:24:44 +02:00 · d3bf7caff3
commit d3bf7caff3
parent 45c767a9ce
3 changed files with 85 additions and 0 deletions
--- a/wazuh-notify-go/init.go
+++ b/wazuh-notify-go/init.go
@ -31,4 +31,5 @@ func initNotify() {
 	flag.StringVar(&inputParams.Targets, "targets", "", "is a list of targets to send notifications to. Default is \"discord\".")

 	flag.Parse()
+	inputParams.Targets = configParams.Targets
 }
--- a/wazuh-notify-go/main.go
+++ b/wazuh-notify-go/main.go
@ -1,15 +1,27 @@
 package main

 import (
+	"bufio"
+	"encoding/json"
+	"os"
 	"strings"
 	"wazuh-notify/notification"
 	"wazuh-notify/types"
 )

 var inputParams types.Params
+var wazuhData types.WazuhMessage

 func main() {
 	initNotify()
+
+	reader := bufio.NewReader(os.Stdin)
+
+	json.NewDecoder(reader).Decode(&wazuhData) //todo for later
+
+	text, _ := reader.ReadString('\n') //todo for testing
+	inputParams.Message = text
+
 	for _, target := range strings.Split(inputParams.Targets, ",") {
 		switch target {
 		case "discord":
--- a/wazuh-notify-go/types/wazuh.go
+++ b/wazuh-notify-go/types/wazuh.go
@ -0,0 +1,72 @@
+package types
+
+type WazuhMessage struct {
+	Version    int        `json:"version"`
+	Origin     Origin     `json:"origin"`
+	Command    string     `json:"command"`
+	Parameters Parameters `json:"parameters"`
+}
+
+type Origin struct {
+	Name   string `json:"name"`
+	Module string `json:"module"`
+}
+
+type Parameters struct {
+	ExtraArgs []interface{} `json:"extra_args"`
+	Alert     Alert         `json:"alert"`
+	Program   string        `json:"program"`
+}
+
+type Alert struct {
+	Timestamp string  `json:"timestamp"`
+	Rule      Rule    `json:"rule"`
+	Agent     Agent   `json:"agent"`
+	Manager   Manager `json:"manager"`
+	ID        string  `json:"id"`
+	FullLog   string  `json:"full_log"`
+	Decoder   Decoder `json:"decoder"`
+	Data      Data    `json:"data"`
+	Location  string  `json:"location"`
+}
+
+type Rule struct {
+	Level       int      `json:"level"`
+	Description string   `json:"description"`
+	ID          string   `json:"id"`
+	Mitre       Mitre    `json:"mitre"`
+	Info        string   `json:"info"`
+	Firedtimes  int      `json:"firedtimes"`
+	Mail        bool     `json:"mail"`
+	Groups      []string `json:"groups"`
+	PciDss      []string `json:"pci_dss"`
+	Gdpr        []string `json:"gdpr"`
+	Nist80053   []string `json:"nist_800_53"`
+	Tsc         []string `json:"tsc"`
+}
+
+type Mitre struct {
+	ID        []string `json:"id"`
+	Tactic    []string `json:"tactic"`
+	Technique []string `json:"technique"`
+}
+
+type Agent struct {
+	ID   string `json:"id"`
+	Name string `json:"name"`
+}
+
+type Manager struct {
+	Name string `json:"name"`
+}
+
+type Decoder struct {
+	Name string `json:"name"`
+}
+
+type Data struct {
+	Protocol string `json:"protocol"`
+	Srcip    string `json:"srcip"`
+	ID       string `json:"id"`
+	URL      string `json:"url"`
+}