ligbox/ligbox-ops-platform
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ligbox-ops-platform/specs/002-wazuh-integration/plan.md
Ligbox Spec Hub 3a2c64834b Initial import: ligbox-ops-platform + specs + LAPTOP + obsidian merge (CT130) 
Source: VM122 /opt + obsidian-infra + LAPTOP
Hub: CT130 spec-hub 10.10.10.130
2026-06-19 17:26:41 +00:00

22 lines
640 B
Markdown
Raw Blame History

# Plan: 002-wazuh-integration
## API
- Refactor `_process_ingress(source, body, secret)`
- `POST /api/v1/webhooks/ingress/wazuh` — parse alert JSON nativo
- Manter `/webhooks/onboard` (compat VM112)
- `GET /api/v1/webhooks/events?source=wazuh`
- Env: `WAZUH_WEBHOOK_SECRET`, `WAZUH_MIN_TICKET_LEVEL=10`
## Wazuh VM104
- Script `ligbox-ops.py` em `/var/ossec/integrations/`
- Bloco `<integration>` em `ossec.conf` level 10
- Restart manager
## UI
- Filtro origem em Eventos
- Badge severidade Wazuh em tickets/eventos
- Card Wazuh no dashboard (count eventos wazuh)
## Deploy
- VM122 rebuild api + frontend
- VM104 ossec.conf + script
Reference in a new issue View git blame Copy permalink