diff --git a/source/user-manual/manager/manual-integration.rst b/source/user-manual/manager/manual-integration.rst index 8dba82d668..b12244c721 100644 --- a/source/user-manual/manager/manual-integration.rst +++ b/source/user-manual/manager/manual-integration.rst @@ -28,7 +28,12 @@ The integrations are configured on the Wazuh manager ``ossec.conf`` file. You ca + + + + + @@ -51,7 +56,14 @@ The following considerations must be taken into account when the filters are set .. note:: It is recommended to carefully check the groups and rule identifiers mentioned above, as defining them incorrectly will result in expected alerts not being sent to the integration. -The full configuration reference for the Integrator daemon can be found :ref:`here `. +You can find the full configuration reference for the Integrator daemon in the :ref:`Integration ` section of our Reference guide. + +Optional settings +^^^^^^^^^^^^^^^^^ + +The `Integrator` daemon uses the `optional settings` fields to tailor the integration behavior. + +You can find the full configuration reference for the Integrator daemon in the :ref:`Integration ` section of our Reference guide. Slack ----- @@ -74,7 +86,7 @@ To set up this integration, follow these steps. .. note:: - You can set a JSON object with customization fields using the :ref:`options ` tag. Visit the `Slack API reference `__ for information about available customization fields. + You can set a JSON object with customization fields using the ``options`` tag. Visit the `Slack API reference `__ for information about available customization fields. #. Restart the Wazuh manager to apply the changes. 
@@ -111,7 +123,7 @@ To set up this integration, do the following. .. note:: - You can set a JSON object with customization fields using the :ref:`options ` tag. Visit the `PagerDuty API reference `__ for information about available customization fields. + You can set a JSON object with customization fields using the ``options`` tag. Visit the `PagerDuty API reference `__ for information about available customization fields. #. Restart the Wazuh manager to apply the changes. @@ -179,7 +191,7 @@ To set up this integration, do the following. .. note:: - You can set a JSON object with customization fields using the :ref:`options ` tag. Visit the `Shuffle API reference `__ for information about available customization fields. + You can set a JSON object with customization fields using the ``options`` tag. Visit the `Shuffle API reference `__ for information about available customization fields. #. Restart the Wazuh manager to apply the changes. diff --git a/source/user-manual/reference/ossec-conf/integration.rst b/source/user-manual/reference/ossec-conf/integration.rst index c5fa4fb1c0..3d8240bb9e 100644 --- a/source/user-manual/reference/ossec-conf/integration.rst +++ b/source/user-manual/reference/ossec-conf/integration.rst @@ -1,7 +1,7 @@ .. Copyright (C) 2015, Wazuh, Inc. .. meta:: - :description: Learn how to configure the manager to connect Wazuh to external APIs. Check out the options, optional filters, and configuration examples. + :description: Learn how to configure the manager to connect Wazuh to external APIs. Check out the options, optional filters, optional settings, and configuration examples. .. _reference_ossec_integration: 
@@ -56,6 +56,19 @@ This is the key that you would have retrieved from the PagerDuty, VirusTotal, or | **Allowed values** | PagerDuty/VirusTotal/Maltiverse Api key | +--------------------+-----------------------------------------+ +alert_format +^^^^^^^^^^^^ + +This writes the alert file in the JSON format, which the Integrator uses to fetch fields values. + ++--------------------+-----------------------------------------------------------+ +| **Default value** | n/a | ++--------------------+-----------------------------------------------------------+ +| **Allowed values** | json | ++--------------------+-----------------------------------------------------------+ + +.. note:: Set this option as ``json`` for Slack, VirusTotal, Shuffle, and Maltiverse integrations. + Optional filters ---------------- @@ -103,18 +116,8 @@ This filters alerts by where the event originated. | **Allowed values** | Any :ref:`sregex` expression. | +--------------------+--------------------------------------------------------------+ -alert_format -^^^^^^^^^^^^ - -This writes the alert file in the JSON format. The Integrator makes use of this file to fetch fields values. - -+--------------------+-----------------------------------------------------------+ -| **Default value** | n/a | -+--------------------+-----------------------------------------------------------+ -| **Allowed values** | json | -+--------------------+-----------------------------------------------------------+ - -.. note:: This option must be set to ``json`` for Slack, VirusTotal, Shuffle, and Maltiverse integrations. +Optional settings +----------------- max_log ^^^^^^^ @@ -129,8 +132,6 @@ The maximum length of an alert snippet that will be sent to the Integrator. Lon .. note:: This option only applies if ``alert_format`` is not set to ``json``. -.. _integration_options_tag: - options ^^^^^^^ 
@@ -142,6 +143,28 @@ This overwrites the previous fields or adds customization fields according to th | **Allowed values** | json | +--------------------+-----------------------------------------------------------+ +timeout +^^^^^^^ + +The timeout (in seconds) to wait for a valid response from the external integration server. + ++--------------------+-----------------------------------------------------------+ +| **Default value** | 10 | ++--------------------+-----------------------------------------------------------+ +| **Allowed values** | Any positive integer. | ++--------------------+-----------------------------------------------------------+ + +retries +^^^^^^^ + +On timeout, the maximum number of retry attempts for a request to the external integration server. + ++--------------------+-----------------------------------------------------------+ +| **Default value** | 3 | ++--------------------+-----------------------------------------------------------+ +| **Allowed values** | Any positive integer. | ++--------------------+-----------------------------------------------------------+ + Configuration example --------------------- @@ -171,6 +194,8 @@ Configuration example API_KEY syscheck json + 30 + 5 @@ -199,4 +224,4 @@ Configuration example APIKEY json {"data": "Custom data"} - \ No newline at end of file +
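Review bot: In the "@@ -51,7 +56,14 @@" hunk of manual-integration.rst, the sentence beginning "You can find the full configuration reference for the Integrator daemon" is added twice, once above the new "Optional settings" heading and once below it; keep a single copy. The new paragraph also wraps `Integrator` and `optional settings` in single backticks, which reStructuredText treats as interpreted text rather than an inline literal, while the rest of this patch uses double backticks (``options``). The section would be more useful if it named the settings it refers to, which integration.rst groups under "Optional settings" as ``max_log``, ``options``, ``timeout`` and ``retries``.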
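Review bot: In the "@@ -56,6 +56,19 @@" hunk of integration.rst, the relocated ``alert_format`` entry keeps "Default value: n/a" while its note requires ``json`` for Slack, VirusTotal, Shuffle, and Maltiverse, so the reader is not told what is written when the option is omitted. The ``max_log`` note ("This option only applies if ``alert_format`` is not set to ``json``") implies a non-JSON mode exists; name it here. On wording, "fields values" should be "field values", and "Set this option as ``json``" reads better as "Set this option to ``json``".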
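Review bot: The "@@ -129,8 +132,6 @@" hunk of integration.rst deletes the ".. _integration_options_tag:" label, and the Slack, PagerDuty and Shuffle notes in manual-integration.rst swap their :ref: link on "options" for a plain ``options`` literal, so readers of those notes lose the jump to the reference entry that describes the JSON object. Consider keeping the label and the cross-references. If the removal is intended, confirm that no other page still points at integration_options_tag, because an undefined :ref: target produces a Sphinx warning at build time.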
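Review bot: The new ``timeout`` and ``retries`` entries in the "@@ -142,6 +143,28 @@" hunk do not say whether the timeout applies to each attempt or what happens to the alert once the retries are exhausted. With the values the configuration example now sets (30 and 5), an operator cannot tell from this text how long one alert may hold up the integration, or whether it is dropped and whether that is logged. Because this is an alert forwarding path, state the failure behaviour explicitly. "Any positive integer" for ``retries`` also leaves it unclear whether 0 is accepted to disable retrying.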