MCP Server for Wazuh SIEM

AI-powered security operations with Wazuh SIEM + Claude Desktop. Natural language threat detection, automated incident response & compliance. Real-time monitoring, ML anomaly detection. Transform your SOC with conversational security analysis. Production-ready MCP server.

INVENTORY é um painel web que exibe dados extraídos da API do Wazuh, via SysCollector. A solução oferece acesso rápido a detalhes do sistema. Tudo é apresentado em uma interface simples para equipes de TI. Utiliza os agentes do próprio Wazuh, eliminando a necessidade de instalar softwares adicionais reduzindo a superfície de ataque.

(Unofficial) Wazuh integration to send alerts to IRIS.

MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.

Wazuh is a robust open-source security platform, but it doesn't include native support for Telegram alerts. This guide walks you through a simple method to send alerts, like SSH login attempts, to Telegram using a custom integration script.

A Wazuh SIEM XDR integration that aims to enrich Wazuh alerts using VirusTotal and AlienVault OTX

MCP server for fetch web page content using Playwright headless browser.

Wazuh and Trivy integration to scan Docker image vulnerabilities.

Comprehensive Sysmon configuration file (sysmon_config.xml) specifically designed for integration with Wazuh SIEM. The configuration is optimized to detect and monitor security-relevant events based on MITRE ATT&CK framework techniques.

Wazuh is a powerful open-source security platform for threat detection and response. This guide walks you through creating a custom integration script to send Wazuh alerts directly to Slack channels.

Gotify integration for Wazuh. notifiations

☢️ Python script to send Wazuh alerts to Telegram by bot.

Wazuh SIEM alerts into Signal Messenger groups using Signal-CLI

On progress

Wazuh vulnerability report maker

This Python script integrates with Wazuh to automate sending secure, customizable email alerts with dynamic content based on JSON alert data, ensuring efficient real-time notifications.

Dieses Projekt zeigt Schritt für Schritt, wie man mit Wazuh, pfSense und Windows 11 ein komplettes SIEM-/XDR-HomeLab aufbaut, Windows-Endpoints per Agent einbindet und typische Monitoring-Szenarien wie File Integrity Monitoring (FIM) und Registry-Überwachung in einer virtuellen Testumgebung umsetzt.

Comprehensive malware detection and response system that integrates YARA scanning capabilities with Wazuh SIEM.

Wazuh Alert Triage & Escalation Playbook: Wazuh + Shuffle + IRIS + Discord/Gmail 🛡️