Send alerts from Wazuh to Microsoft Teams via wazuh-integratord #14753
-
Hi teams, I'm working on Wazuh 4.3.6, do the integration Wazuh with Microsoft Teams to send my alerts from Wazuh to Teams, everything good except the error messages about the files permission when I run
So I searched around Google and remove the write permission for the file like this command I was verify my Teams Incoming Webhook by using the PowerShell post and can confirm it work. Here is the permission about my folders & files:
And here is my /var/ossec/integrations/custom-teams and my /var/ossec/integrations/custom-teams.py Thank you so much. |
Beta Was this translation helpful? Give feedback.
Replies: 4 comments 1 reply
-
I have reviewed the information you have provided as well as the attached scripts and I believe the problem is in your scripts' code. Let me explain this. Your
Regarding the
Here is the same scripts with these errors fixed: custom-teams
custom-teams.py
After you apply these changes the script seems to work, although I didn't review its implementation in detail to ensure everything works as expect, so it wouldn't hurt to check it out completely to be sure. I hope this helps. Let us know if you need further assistance. |
Beta Was this translation helpful? Give feedback.
-
Hi @CarlosRS9, thanks for your reply and your kindly check my issue, I followed your recommend and it worked. Just one more question, my messages in Team Incoming Webhook don't have anything in the Log feild like the image: |
Beta Was this translation helpful? Give feedback.
-
Sure thing. Your script updates that
|
Beta Was this translation helpful? Give feedback.
-
My custom-teams.py file: import json debug_enabled = False log_file = '{0}/logs/integrations.log'.format(pwd) def main(args):
def debug(msg): def filter_msg(alert): def generate_msg(alert): def send_msg(msg, url): if name == "main": and I am using the same custom-teams file as you shared above. You will help will be appreciated. |
Beta Was this translation helpful? Give feedback.
Hi @thanhsang2606
I have reviewed the information you have provided as well as the attached scripts and I believe the problem is in your scripts' code. Let me explain this.
Your
custom-teams
script is using an invalid path for the embedded python binary. You are usingframework/js/bin/js3
as the relative path, which does not exists by default in4.3
and it is very likely the reason of the error. You should replace this line with:Regarding the
custom-teams.py
it has at least 3 code error, as follows:\
. You should remove it.