Home Esplora Aiuto
Accedi
tum
/
soc
Segui 1
Vota 0
Forka 0
Codice Problemi 0 Pull Requests 0 Commit 8 Rilasci 0 Wiki

Nessuna descrizione

Albero (Tree): 0359e841fb
Rami (Branch) Tag
soc
/
scripts
tum 9de2549954 first commit 1 mese fa
..
README.md 9de2549954 first commit 1 mese fa
send-wazuh-test-events.sh 9de2549954 first commit 1 mese fa

README.md

Test Event Scripts

Send Wazuh test events

Use this to inject synthetic SOC events via syslog UDP into Wazuh manager.

scripts/send-wazuh-test-events.sh [scenario] [count] [delay_seconds]

Scenarios:

  • ioc_dns
  • ioc_ips
  • vpn_outside_th
  • windows_auth_fail
  • all

Examples:

scripts/send-wazuh-test-events.sh all
scripts/send-wazuh-test-events.sh vpn_outside_th 5 0.2
WAZUH_SYSLOG_HOST=127.0.0.1 WAZUH_SYSLOG_PORT=514 scripts/send-wazuh-test-events.sh ioc_ips

Environment overrides:

  • WAZUH_SYSLOG_HOST (default 127.0.0.1)
  • WAZUH_SYSLOG_PORT (default 514)
  • WAZUH_TEST_SRC_IP
  • WAZUH_TEST_DOMAIN
  • WAZUH_TEST_USER