Use patched misje/wazuh-dashboard-plugins as a referene, since the Wazuh maintainers have not provided any feedback on my pull request to fix invalid IP addresses and invalid SHA-256 hashes in the example data. The entrypoint needs to patientely wait for OpenSearch to become available.
The full demo docker-compose example lacks logic to populate Wazuh with demo events. Create a docker image that runs once, calling
docker run --rm -w "/home/node/app" -v "$(pwd):/home/node/app" node:lts-alpine node cli.js --all-modules --format bulk-api --index wazuh-alerts-4.x-sample > output.ndjson
curl -k -u 'admin:SecretPassword' https://localhost:9200/_bulk -H "Content-Type: application/x-ndjson" --data-binary "@output.ndjson"
Use patched misje/wazuh-dashboard-plugins as a referene, since the Wazuh maintainers have not provided any feedback on my pull request to fix invalid IP addresses and invalid SHA-256 hashes in the example data. The entrypoint needs to patientely wait for OpenSearch to become available.