Add events generator tool for wazuh-alerts #152

Merged (3 commits) on Feb 15, 2024
Fix typo in README.md
Signed-off-by: Álex Ruiz <[email protected]>
AlexRuiz7 authored Feb 13, 2024
commit 76bb135a2dc79903ae4d5678a3789fd9bb7bab4e
6 changes: 3 additions & 3 deletions integrations/tools/events-generator/README.md
@@ -12,13 +12,13 @@ source .venv/bin/activate
pip install -r requirements.txt
```

Start the events generator with `./run.py` or `python run.py`. The program takes no required
Start the events' generator with `./run.py` or `python run.py`. The program takes no required
arguments, as it's configured with default values that will work in most cases during development.
To know more about its capabilities and arguments, display the help menu with `-h`.

As for now, this tool generates events for the `wazuh-alerts-4.x-*` and `wazuh-archives-4.x-*` indices.
Since 4.8.0, these indices are aliases to `wazuh-alerts` and `wazuh-archives`. If you need to, run the
[indexer-ism-init.sh](../../../distribution/src/bin/indexer-ism-init.sh) script to create them. This is important as by default, the tool will write to
Since 4.8.0, these indices are aliased to `wazuh-alerts` and `wazuh-archives`. If you need to, run the
[indexer-ism-init.sh](../../../distribution/src/bin/indexer-ism-init.sh) script to create them. This is important as, by default, the tool will write to
the `wazuh-alerts` alias. You may also need to create an **index pattern** in _dashboards_ in order to perform
queries to the index from the UI. To do that, go to Dashboards Management > Index Patterns > Create index pattern > wazuh-alerts-4.x-* > timestamp as Time field
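
Review bot: The first changed line turns "events generator" into "events' generator", which reads as a possessive and no longer matches the tool's directory name `events-generator` or the PR title ("events generator tool"); I would keep "events generator" there. The other two changes ("aliased to" and the comma in "as, by default,") read fine. Since this commit is a typo pass over the paragraph, "As for now" on the unchanged line could become "As of now", and the last sentence (the Dashboards Management > Index Patterns steps) is missing its closing period.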