OpenSearch reports email sending


Emre Erdem

May 22, 2024, 2:14:31 AM
to Wazuh | Mailing List
Hello everyone,


I created scheduled reports using OpenSearch plugins in the Wazuh interface. Reports are generated on time, but how can I send the reports via e-mail each time they are generated?
I'd like to hear other ideas, too.
Wazuh version 4.7.3

KIND REGARDS

Stuti Gupta

May 22, 2024, 5:16:25 AM
to Wazuh | Mailing List

Hi team!
Please allow me some time. I'm looking into this query and will update you with an appropriate answer. 

Stuti Gupta

May 22, 2024, 6:04:00 AM
to Wazuh | Mailing List
Hi Emre Erdem

Currently, it's not possible to send these reports via email. However, this feature has been requested for the OpenSearch project and is planned for a future release. You can follow its progress in the following issues:

- Issue 345
- Issue 72

As a workaround, you can create a script that queries the Wazuh indexer API to generate the CSV report and send it via email. You can schedule this script to run periodically using a command wodle.

Here's an example script for sending custom emails: https://github.com/jctello/JCT-Wazuh/blob/main/integrations/custom-email-alerts

Additionally, you can configure your own customized report by using the report option in the `ossec.conf`. Reports can be customized based on level, source, username, rule ID, etc. See the Wazuh report documentation to learn more.

To send reports as email attachments, you need to configure an SMTP server and email alerts. Refer to the following documentation for more details:

- Configuring email alerts 
- SMTP server with authentication

Please let me know if this documentation helps or if you have any further questions. I'm here to assist you!

I hope this helps!

Emre Erdem

May 22, 2024, 8:46:33 AM
to Wazuh | Mailing List
Hello Stuti Gupta,

First of all, thank you for helping me. But I don't quite understand what you mean, can you explain a little more? 
"As a workaround, you can create a script that queries the Wazuh indexer API to generate the CSV report and send it via email. You can schedule this script to run periodically using a command wodle "


KIND REGARDS

On Wednesday, May 22, 2024 at 13:04:00 UTC+3, Stuti Gupta wrote:

Stuti Gupta

May 22, 2024, 11:46:54 PM
to Wazuh | Mailing List
That means writing a script that can interact with the Wazuh API to fetch the necessary data for the CSV report. Create an output as you require, and forward the output via mail. You can schedule this script to run periodically using a command wodle.
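The workaround described in this thread, as an added example (not code from the posters or from the Wazuh project): a script that queries the indexer's `wazuh-alerts-*` index, writes the hits to CSV and mails the file as an attachment. It assumes the indexer accepts HTTPS basic auth and that the SMTP server offers STARTTLS on port 587; the function names and the environment variable names are hypothetical.

```python
import csv, io, json, os, smtplib, ssl, urllib.request
from base64 import b64encode
from email.message import EmailMessage
FIELDS = ["timestamp", "agent.name", "rule.id", "rule.level", "rule.description"]

def build_query(min_level=10, window="now-24h", size=1000):
    """Query DSL: alerts at or above min_level inside the time window."""
    return {"size": size, "_source": FIELDS, "sort": [{"timestamp": "desc"}],
            "query": {"bool": {"filter": [
                {"range": {"timestamp": {"gte": window}}},
                {"range": {"rule.level": {"gte": min_level}}}]}}}

def fetch_hits(url, user, password, ca_file, query):
    """POST the query to <url>/wazuh-alerts-*/_search with TLS verification on."""
    auth = b64encode(f"{user}:{password}".encode()).decode()
    req = urllib.request.Request(f"{url}/wazuh-alerts-*/_search", data=json.dumps(query).encode(),
        headers={"Content-Type": "application/json", "Authorization": "Basic " + auth})
    ctx = ssl.create_default_context(cafile=ca_file)  # trust only the indexer's CA
    with urllib.request.urlopen(req, context=ctx, timeout=30) as resp:
        return json.load(resp)["hits"]["hits"]

def dig(doc, dotted):  # read "rule.id" from nested _source; "" when absent
    for key in dotted.split("."):
        doc = doc.get(key, "") if isinstance(doc, dict) else ""
    return doc

def hits_to_csv(hits):
    buf = io.StringIO()
    writer = csv.writer(buf)
    writer.writerow(FIELDS)
    for hit in hits:
        row = [str(dig(hit["_source"], f)) for f in FIELDS]
        # Log-derived text can start with a formula character; quote it for spreadsheets.
        writer.writerow(["'" + v if v.startswith(("=", "+", "-", "@")) else v for v in row])
    return buf.getvalue()

def build_message(csv_text, sender, recipient):
    msg = EmailMessage()
    msg["Subject"], msg["From"], msg["To"] = "Wazuh alert report", sender, recipient
    msg.set_content("Scheduled Wazuh alert report attached.")
    msg.add_attachment(csv_text, subtype="csv", filename="wazuh-report.csv")
    return msg

if __name__ == "__main__":
    env = os.environ  # variable names are assumptions; keep secrets out of the script
    hits = fetch_hits(env["INDEXER_URL"], env["INDEXER_USER"], env["INDEXER_PASS"],
                      env["INDEXER_CA"], build_query())
    with smtplib.SMTP(env["SMTP_HOST"], 587) as smtp:
        smtp.starttls(context=ssl.create_default_context())
        smtp.login(env["SMTP_USER"], env["SMTP_PASS"])
        smtp.send_message(build_message(hits_to_csv(hits), env["MAIL_FROM"], env["MAIL_TO"]))
```

Use a dedicated read-only indexer user for the query, and restrict read access on whatever file supplies the environment variables when the script runs from a command wodle or cron.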