Hello Thomas!
You can integrate Wazuh with many external applications.
What you have to do is to configure an
integration that will send through a python script all the alerts you have filtered for that purpose.
The configuration block looks like this, you need to add it in
ossec.conf and replace all the corresponding values, like the
hook_url or the
name of the script. You can change the minimum level for the alert to be sent to a value lower than 9. See the
documentation section for more information
<!--Custom external Integration -->
<integration>
<name>custom-shuffle</name>
<hook_url>WEBHOOK</hook_url>
<level>9</level>
<alert_format>json</alert_format>
</integration>
I hope you find this information useful.
Regards.