MCP Server for Wazuh SIEM
Updated Dec 12, 2025 - Rust
AI-powered security operations for Wazuh SIEM—use any MCP-compatible client to ask security questions in plain English. Faster threat detection, incident triage, and compliance checks with real-time monitoring and anomaly spotting. Production-ready MCP server for conversational SOC workflows.
INVENTORY is a web dashboard that displays data extracted from the Wazuh API via SysCollector. The solution offers quick access to system details. Everything is presented in a simple interface for IT teams. It uses Wazuh's own agents, eliminating the need to install additional software and reducing the attack surface.
(Unofficial) Wazuh integration to send alerts to IRIS.
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.
Comprehensive Sysmon configuration file (sysmon_config.xml) specifically designed for integration with Wazuh SIEM. The configuration is optimized to detect and monitor security-relevant events based on MITRE ATT&CK framework techniques.
Wazuh is a robust open-source security platform, but it doesn't include native support for Telegram alerts. This guide walks you through a simple method to send alerts, like SSH login attempts, to Telegram using a custom integration script.
In progress
A forensic visualization tool for Wazuh that transforms Windows process creation logs (Event ID 4688) into interactive, draggable relationship graphs. Optimized for Threat Hunting and Incident Response.
Wazuh is a powerful open-source security platform for threat detection and response. This guide walks you through creating a custom integration script to send Wazuh alerts directly to Slack channels.
A Wazuh SIEM XDR integration that aims to enrich Wazuh alerts using VirusTotal and AlienVault OTX
Wazuh and Trivy integration to scan Docker image vulnerabilities.
Gotify integration for Wazuh notifications.
☢️ Python script to send Wazuh alerts to Telegram by bot.
Wazuh vulnerability report maker
Wazuh SIEM alerts into Signal Messenger groups using Signal-CLI
Enterprise-grade solution eliminating persistent MITRE technique lookup failures affecting thousands of Wazuh installations worldwide. Fixes both UUID compatibility and obsolete rule modernization.
This Python script integrates with Wazuh to automate sending secure, customizable email alerts with dynamic content based on JSON alert data, ensuring efficient real-time notifications.
This project shows step by step how to build a complete SIEM/XDR home lab with Wazuh, pfSense and Windows 11, enroll Windows endpoints via agent, and implement typical monitoring scenarios such as File Integrity Monitoring (FIM) and registry monitoring in a virtual test environment.