Home / Integration plugins / Wazuh SMS Integration

Wazuh SMS – integration manual

Here we describe how to set up Wazuh SMS alerts. The integration uses SMSEagle Hardware SMS Gateway. The process is easy and should take 10-15 minutes to complete.

SMSEagle is an offline hardware SMS gateway. Therefore no external connection to 3rd party system is required. All notifications are generated on-premise and sent directly to a cellular network. This solution can be used in secure installations without Internet access.

SMSEagle Setup

  1. Create a new user in SMSEagle (menu Users > + Add Users, user access level: “User”).
  2. Grant API access to the created user:
    • click Access to API beside the newly created user.
    • Enable APIv2
    • Generate new token
    • Add access permissions in section Messages for: Send SMS.
    • Save settings.

Wazuh Setup

  1. Creating new Channel
    a) Go to Notifications > Channels menu, and create New channel
    b) Select Custom Webhook with POST Method
    c) In the Webhook URL paste: https://smseagle-ip/api/v2/messages/sms
    (where smseagle-ip is an actual IP address of your own SMSEagle device)
    d) In Webhook headers add two keys:
    access-token and as a value paste the access token from the previously created user
    Content-Type and as a value paste: application/json

2. Creating new Alert
a) Go to Alerting -> Monitors
b) Define new action that triggers when you would like to send an alert. Select previously created SMS channel
c) In the Message field add your alert message in JSON format.

For example:

{ "to": ["+48111222333"],
"text": "Wazuh Alert: {{ctx.monitor.name}} just entered alert status. Please check the issue.
Trigger: {{ctx.trigger.name}}
Severity: {{ctx.trigger.severity}}
PeriodStart: {{ctx.periodStart}}"
}

or

{ "to": ["admin-group"], 
"text": "Wazuh Alert: {{ctx.monitor.name}} just entered alert status. Please check the issue. 
Trigger: {{ctx.trigger.name}} 
Severity: {{ctx.trigger.severity}} 
PeriodStart: {{ctx.periodStart}}" 
}

You can use a phone number (for example +48111222333) or a group defined in SMSEagle Phonebook (for example admin-group) as recipient.

That’s it!😊

Optionally, you can use an escalation group on the SMSEagle to take advantage of the escalation feature.

 

What is hardware
SMS Gateway?

Learn more about
SMSEagle features

Explore SMSEagle Demo device

SMSEagle is a hardware & software solution that guarantees a swift delivery of your messages to designated recipients, whether it’s for notifications, alerts, or important updates.

After registering to a demo you get a remote access to our physical device NXS-9750.

  • 14-days free trial
  • Access to over 20 functionalities