open-source

Google Workspace Alerts Wodle

#open-source #security-engineering #security-monitoring #siem #wazuh #google-workspace

Real-World Wodle Implementation

In my previous post, I covered the theory behind creating custom wodles for Wazuh. Now, I want to share a practical implementation I’ve been using in a production environment: a wodle for monitoring Google Workspace Alert Center alerts and notifications. This is an example of extending Wazuh’s monitoring capabilities to cover cloud services. Without this custom integration, our security team would need to manually log into Google Workspace to check the Alert Center. By bringing these alerts into our central Wazuh instance, we’ve streamlined our security operations and gained cross-platform visibility and correlation.


March 20, 2025

Building Custom Wazuh Wodles

#open-source #security-engineering #security-monitoring #siem #wazuh

Extending Beyond the Defaults

ℹ️ This post focuses on Wazuh, a unified Security Information and Event Management (SIEM) and Extended Detection and Response (XDR) platform that has become increasingly popular as a powerful open-source solution for security monitoring and threat detection.

Security monitoring tools come with out-of-the-box support for common log sources, but what about those critical events happening in your custom applications? While these tools excel at tracking standard system logs, they can miss the unique data sources and formats that matter in your particular environment.


March 2, 2025