intrusion detection - How to send OSSec Notification to a HTTP URL -


currently see email notification can sent alerts in ossec. there way make http call in case of alert?

i couldn't find direct way send ossec notification webhook url. but, got working of logstash, use log parsing , indexing. added logstash output following configuration:

 output {   if [type] == "ossec_alert" {     http {       http_method => "post"       url => "https://mythhpwebhook.com?key=1234"       content_type => "application/json"       mapping => ["subject", "ossec alert: %{signature}", "message", "%{message}"]     }   } } 

not: message , signature variable filter applied ossec input.


Comments

Popular posts from this blog

Payment information shows nothing in one page checkout page magento -

tcpdump - How to check if server received packet (acknowledged) -