Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable alert forwarding to Fluentd for Analysisd #6691

Merged
merged 5 commits into from
Oct 31, 2023
Merged

Enable alert forwarding to Fluentd for Analysisd #6691

merged 5 commits into from
Oct 31, 2023

Conversation

MarcelKemp
Copy link
Member

Description

This PR adds new functionality added to the fluent-forwarder module, which has been developed in the next issue:

With this development, now we will be able to forward the alerts generated by Wazuh, so that they are sent through a socket to the Fluentd server.

To do this, we will apply the same steps used for LogCollector, but modifying the last configuration where we will define the <forward_to>.

On the other hand, keep in mind that analysisd is jailed, so the sockets must be generated inside /var/ossec.

Checks

Docs building

  • Compiles without warnings.

Code formatting and web optimization

  • Uses three spaces indentation.
  • Adds or updates meta descriptions accordingly.

Writing style

  • Uses present tense, active voice, and semi-formal registry.
  • Uses short, simple sentences.
  • Uses bold for user interface elements, italics for key terms or emphasis, and code font for Bash commands, file names, REST paths, and code.

@MarcelKemp MarcelKemp force-pushed the 6073_fluentd_analysisd_forward branch from 44ecf51 to c232923 Compare October 27, 2023 11:07
@MarcelKemp MarcelKemp self-assigned this Oct 27, 2023
@javimed javimed added the level/task Task issue label Oct 27, 2023
javimed
javimed requested changes Oct 30, 2023
View reviewed changes
source/user-manual/manager/fluent-forwarder.rst Show resolved Hide resolved
source/user-manual/manager/fluent-forwarder.rst Outdated Show resolved Hide resolved
source/user-manual/manager/fluent-forwarder.rst Outdated Show resolved Hide resolved
source/user-manual/manager/fluent-forwarder.rst Outdated Show resolved Hide resolved
source/user-manual/manager/fluent-forwarder.rst Outdated Show resolved Hide resolved
source/user-manual/manager/fluent-forwarder.rst Outdated Show resolved Hide resolved
@MarcelKemp MarcelKemp requested a review from javimed October 30, 2023 18:03
@javimed javimed merged commit d79fa61 into master Oct 31, 2023
@javimed javimed deleted the 6073_fluentd_analysisd_forward branch October 31, 2023 11:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@javimed javimed javimed approved these changes

Assignees

@MarcelKemp MarcelKemp

Labels
level/task Task issue type/enhancement Enhancement issue use cases
Projects
No open projects
Release 4.9.0
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@MarcelKemp @javimed @GabrielEValenzuela