The smtp_server option is set to localhost because we are using Postfix as the server relay in the same host where the manager is located. In order to enable Wazuh email notifications, we must configure the main email settings in the global section of the manager configuration file as SMTP server must be set up according to the email service used: Gmail, Outlook, Live, Yahoo, etc. Once the server relay is working, the next step is to set up the Wazuh manager to include the desired alerts in the email.Įmail alert options can be categorized as Generic mail options or Granular mail options. However, you can find additional information in the Wazuh documentation. Later in this post, you will see how to do this through a practical case. If that is the case, it is necessary to set up a server relay, such as Postfix, to handle it.
Nowadays, most SMTP servers require authentication. Tuning Wazuh to Forward Alerts Configuring an SMTP Server Relay Use case: Forwarding Apache alerts in real-time.To do this, we will describe how the module works and show a practical case of forwarding alerts for a specific purpose: It is a useful way to get notifications about the most important events that occur in our monitored hosts. In this post, we are going to cover how to configure Wazuh to forward alerts via email.
0 kommentar(er)
