If my Wazuh manager is set up as a cluster and my agent is registered on the worker, should I place the Telegram configuration file on the master or on the worker?
Hello. Many thanks for this video, highly appreciated :) ..would it be possible to trigger an active response only after confirmation by telegram for example? Best regards
I do not believe you can do that with the Telegram app explicitly, but you could create a Shuffle workflow that takes advantage of a text message or email trigger. shuffler.io/docs/triggers#user_input
@@dheanova9008 Do you have an agent connected to the manager that would be triggering more level 3 and above alerts? You can also take a look at the /var/ossec/log/integrations.log file to see if there are any errors.
Hi. It doesn't work for me. Tell me, should additional packages be installed on the system? I am using the ova wazuh image, it contains python 2.7.5, maybe this is the reason? Or install pip of a specific version?
@@taylorwalton_socfortress hi, i have installed python3, pip3, and requests package as well. But I still can't get the notification in my Telegram, do you have any solution for this?
Hi thanks for the video i am facing one issue with integration you set the alert value of 3 me also set same value so i will get all alerts but when i chage it to value 10,12 or 15 i didnt get any ssh attacks alerts on telegram how to fix this issue
not working for current wazuh version(
now found just WAZUH group, not OSSEC when CHOWN
chown root:wazuh /var/ossec/integrations/custom-telegram*
chmod 750 /var/ossec/integrations/custom-telegram*
@@hansaja5594 genio!
Clean and very cool session.
its working! thank you
version 4.8
Seu video me ajudou, muito bem explicado e simples
If my Wazuh manager is set up as a cluster and my agent is registered on the worker, should I place the Telegram configuration file on the master or on the worker?
Worked fine, thank you very much!
still worked? I don't why my telegram and slack didn't work
Hi! How do I add the output in the message field: timestamp?
my bot in telegram only sending to private, not send to the group. How can i Fix?
Hi, I'm able to receive the alert but the problem is. The alert is being send to my telegram bot not inside the group chat I created.
Gracias totales!!
Great session
Hello. Many thanks for this video, highly appreciated :) ..would it be possible to trigger an active response only after confirmation by telegram for example? Best regards
I do not believe you can do that with the Telegram app explicitly, but you could create a Shuffle workflow that takes advantage of a text message or email trigger. shuffler.io/docs/triggers#user_input
its working for me, but only in windows server. Linux os is not working.
How can i send to multiple CHAT_ID with Condition?
Very cool!!!
Thanks very nice, is it possible to do video integrating Pfsense firewall logs, and Suricata logs on it? Thanks again
Hey, I will add that to the list!
Thanks for watching!
Its working all good, but the text isnt in UTF 8. how can i fix it ? thanks for the tutorial
fix it. this switch to # Send the request
requests.post(hook_url, headers=headers, data=json.dumps(msg_data , ensure_ascii=False).encode('utf8'))
Is Python3 a requirement?
Hello a question help meee!!! i need this but that only alert events with name “start with” as i do??????
Cool! I've tried this tutorial, but why the notification that appears only when restarting Wazuh Manager? please answer, thank you😊
What does your integration block look like?
@@taylorwalton_socfortress same with this tutorial😞
@@dheanova9008 Do you have an agent connected to the manager that would be triggering more level 3 and above alerts? You can also take a look at the /var/ossec/log/integrations.log file to see if there are any errors.
Hi. It doesn't work for me. Tell me, should additional packages be installed on the system? I am using the ova wazuh image, it contains python 2.7.5, maybe this is the reason? Or install pip of a specific version?
Yes try installing python3 and pip3 then install the request package with “pip3 install requests”
@@taylorwalton_socfortress tell me how to add the use of a proxy to the script?
@@taylorwalton_socfortress hi, i have installed python3, pip3, and requests package as well. But I still can't get the notification in my Telegram, do you have any solution for this?
Hi thanks for the video
i am facing one issue with integration you set the alert value of 3
me also set same value so i will get all alerts but when i chage it to value 10,12 or 15 i didnt get any ssh attacks alerts on telegram
how to fix this issue
Please make the gain much lower next time ,
My ears are bleeding 😵
Thanks for the feedback. I will work on that
chown root:ossec /var/ossec/integrations/custom-telegram* I cannot execute this command the output gives me this: "chown: invalid group: ‘root:ossec’"
chown root:ossec /var/ossec/integrations/custom-telegram*
chown: invalid group: 'root:ossec'
I failed in this section, can anyone help me?
Same Boat seeing what i can find
try: chown root:wazuh /var/ossec/integrations/custom-telegram*
This is the solution, very thx@@harras07