Integration vulnerability detector by AWS SNS

38 views
Skip to first unread message

Chandra pal singh Chauhan

unread,
Aug 1, 2025, 2:56:10 AM8/1/25
to Wazuh | Mailing List

Hello Team,

I have received a request from the client regarding the integration of AWS SNS (Simple Notification Service) to alert on high and critical vulnerabilities. If anyone has experience or knowledge about implementing this, kindly guide me.

Regards,
Chandra

jorge....@wazuh.com

unread,
Aug 1, 2025, 3:28:56 AM8/1/25
to Wazuh | Mailing List
Hi Chandra

We have a blog post about this integration, here you have the link: https://wazuh.com/blog/wazuh-integration-with-aws-sns/

If you encounter any error, don't hesitate to ask about it.

Regards,
Jorge

Chandra pal singh Chauhan

unread,
Aug 1, 2025, 3:41:03 AM8/1/25
to Wazuh | Mailing List
Hello Jorge,

I already read this blog in this blog it covers all the alerts but i need to configure only vulnerability alerts from vulnerability detector.

Regards,
Chandra

jorge....@wazuh.com

unread,
Aug 1, 2025, 8:17:44 AM8/1/25
to Wazuh | Mailing List

Hi Chandra,

If you want to do this modification, you will need to adapt the file from /var/ossec/etc/ossec.conf, to send the message by adding some conditionals to filtrate the non-wanted alerts:

<integration>
<name>custom-sns-integration.py</name>
<alert_format>json</alert_format>
<group>vulnerability-detector</group>
</integration>
In case that you want some certain level rules, you could add back the <level>10</level>  and change the level to the desired one

Regards,
Jorge
Reply all
Reply to author
Forward
0 new messages