Echtzeit-Sicherheitseinblicke durch NixGuard RAG und Wazuh-Integration
Fortgeschritten
Dies ist ein SecOps-Bereich Automatisierungsworkflow mit 15 Nodes. Hauptsächlich werden Set, Code, Merge, Aggregate, HttpRequest und andere Nodes verwendet. Sicherheits-Einblicke in Echtzeit durch NixGuard RAG- und Wazuh-Integration
Voraussetzungen
- •Möglicherweise sind Ziel-API-Anmeldedaten erforderlich
Verwendete Nodes (15)
Kategorie
Workflow-Vorschau
Visualisierung der Node-Verbindungen, mit Zoom und Pan
Workflow exportieren
Kopieren Sie die folgende JSON-Konfiguration und importieren Sie sie in n8n
{
"id": "I0nUORqYTwDFZa51",
"meta": {
"instanceId": "558d88703fb65b2d0e44613bc35916258b0f0bf983c5d4730c00c424b77ca36a"
},
"name": "Get Real-Time Security Insights with NixGuard RAG and Wazuh Integration",
"tags": [
{
"id": "q7fiN9zbxrNmsNbT",
"name": "NixGuard",
"createdAt": "2025-06-10T17:12:53.669Z",
"updatedAt": "2025-06-10T17:12:53.669Z"
},
{
"id": "CaOFkWRRUPhl5zch",
"name": "NEX",
"createdAt": "2025-06-10T17:12:57.408Z",
"updatedAt": "2025-06-10T17:12:57.408Z"
},
{
"id": "pQg0XfRi6hFoyuVB",
"name": "Wazuh",
"createdAt": "2025-06-10T17:13:00.952Z",
"updatedAt": "2025-06-10T17:13:00.952Z"
},
{
"id": "nBFKoKp6KIhjRaEn",
"name": "Security",
"createdAt": "2025-06-10T17:13:09.106Z",
"updatedAt": "2025-06-10T17:13:09.106Z"
},
{
"id": "to1DVLh70D0WBlIi",
"name": "Cybersecurity",
"createdAt": "2025-06-10T17:13:17.593Z",
"updatedAt": "2025-06-10T17:13:17.593Z"
}
],
"nodes": [
{
"id": "dc94efb5-91a0-4d2b-9cd0-e72b1e97498d",
"name": "Bei Empfang einer Chat-Nachricht",
"type": "@n8n/n8n-nodes-langchain.chatTrigger",
"disabled": true,
"position": [
-400,
-80
],
"webhookId": "ec75b9db-22e6-4bb3-88c1-66afced7d2e5",
"parameters": {
"options": {}
},
"typeVersion": 1.1
},
{
"id": "de233ffa-d892-4b6a-997f-5a7af8b51db8",
"name": "Workflow-Trigger ausführen",
"type": "n8n-nodes-base.executeWorkflowTrigger",
"position": [
-400,
100
],
"parameters": {},
"typeVersion": 1
},
{
"id": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"name": "Anfrage an NixGuard API senden",
"type": "n8n-nodes-base.httpRequest",
"position": [
640,
120
],
"parameters": {
"url": "https://nix.thenex.world",
"method": "POST",
"options": {},
"sendBody": true,
"jsonHeaders": "{\"Content-Type\": \"application/json\"}",
"sendHeaders": true,
"bodyParameters": {
"parameters": [
{
"name": "apiKey",
"value": "={{ $json.apiKey }}"
},
{
"name": "prompt",
"value": "={{ $json.chatInput }}"
}
]
},
"specifyHeaders": "json"
},
"typeVersion": 4.2
},
{
"id": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"name": "API-Antwort formatieren",
"type": "n8n-nodes-base.set",
"position": [
780,
340
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "e41e3031-3669-432b-a669-8ece63e0a2a4",
"name": "content",
"type": "string",
"value": "={{ $json.content }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"name": "Endausgabe vorbereiten",
"type": "n8n-nodes-base.code",
"position": [
940,
280
],
"parameters": {
"jsCode": "const output = items[0].json.content;\n\nreturn [{json: {output}}];"
},
"typeVersion": 2
},
{
"id": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"name": "NixGuard-Antwort parsen",
"type": "n8n-nodes-base.code",
"position": [
620,
400
],
"parameters": {
"jsCode": "const nixResponse = JSON.parse($input.first().json.data);\nconst nixResult = nixResponse.result;\n\nreturn nixResponse;"
},
"typeVersion": 2
},
{
"id": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"name": "Eingabedaten zusammenführen",
"type": "n8n-nodes-base.merge",
"position": [
160,
-20
],
"parameters": {},
"typeVersion": 3
},
{
"id": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"name": "Sicherheitsdaten aggregieren",
"type": "n8n-nodes-base.aggregate",
"position": [
320,
40
],
"parameters": {
"options": {},
"aggregate": "aggregateAllItemData"
},
"typeVersion": 1
},
{
"id": "9835ff41-0cae-491f-aade-2e8981c10232",
"name": "Sicherheitsdaten kombinieren",
"type": "n8n-nodes-base.code",
"position": [
480,
80
],
"parameters": {
"jsCode": "\n// Combine properties from both objects into a single object \nconst combinedObject = Object.assign({}, ...$input.first().json.data); \n// Return the combined object as a single item \nreturn [combinedObject];"
},
"typeVersion": 2
},
{
"id": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"name": "API-Anfragedaten vorbereiten",
"type": "n8n-nodes-base.set",
"disabled": true,
"position": [
-200,
-80
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "78b78cf7-943f-4f4f-91c5-c71efeb7d78a",
"name": "apiKey",
"type": "string",
"value": ""
},
{
"id": "0ee0f3f2-2954-414b-a701-4ca14e3c5be2",
"name": "sessionId",
"type": "string",
"value": "={{ $json.sessionId }}"
},
{
"id": "a0f7d4d4-0ac7-474e-b87a-b87536f5e303",
"name": "action",
"type": "string",
"value": "={{ $json.action }}"
},
{
"id": "3d047460-d218-4408-aa7a-466f55a5de24",
"name": "chatInput",
"type": "string",
"value": "={{ $json.chatInput }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "1a040e52-30fb-4556-ac2c-71f173075d89",
"name": "Datenaggregation",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
140
],
"parameters": {
"color": 7,
"width": 400,
"height": 340,
"content": "## Data Aggregation\n\nThis section combines multiple security data sources:\n1. **Merge Input Data**: Combines triggers from different sources\n2. **Aggregate Security Data**: Consolidates security events\n3. **Combine Security Data**: Creates unified request payload\n\n### Use Cases:\n- Correlate Wazuh alerts with NixGuard insights\n- Combine multiple security queries\n- Process batch security events"
},
"typeVersion": 1
},
{
"id": "a4d8b9d0-84e2-4732-ac67-85985343a67c",
"name": "Einrichtungsanleitung",
"type": "n8n-nodes-base.stickyNote",
"position": [
-860,
320
],
"parameters": {
"color": 7,
"width": 400,
"height": 420,
"content": "## Getting Started\n\n### Prerequisites:\n- Valid NixGuard API key\n- Access to Wazuh security data (if integrating)\n\n### Setup Instructions:\n1. Configure your NixGuard API key in 'Prepare API Request Data' node\n2. Set up trigger method (chat or manual)\n3. Test with sample security queries\n4. Make sure NixGuard agents are installed on your network endpoints for real-time security events\n\n### Support:\nFor questions, visit [NixGuard Documentation](https://nixguard.thenex.world) or join our [Community Discord](https://discord.com/invite/ajCYwYCwHb)"
},
"typeVersion": 1
},
{
"id": "a94e8519-9783-4b2f-8ca9-e3e571784e40",
"name": "Workflow-Übersicht1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-960,
-80
],
"parameters": {
"color": 7,
"width": 500,
"height": 380,
"content": "## NixGuard Security Connector Workflow\n\nThis workflow integrates NixGuard's RAG (Retrieval-Augmented Generation) with Wazuh security data to provide real-time security insights.\n\n### Key Features:\n- Processes security queries through NixGuard's AI\n- Combines multiple security data sources\n- Returns actionable security insights\n\n### Authentication:\nRequires valid API key for NixGuard endpoint (configured in 'Prepare API Request Data' node)."
},
"typeVersion": 1
},
{
"id": "69fd8854-8025-462f-b078-73b86803a8c7",
"name": "API-Anfrageerklärung1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 380,
"content": "## API Request Configuration\n\nThis node sends the security query to NixGuard's API endpoint with:\n- Proper authentication headers\n- Formatted request body\n- Required content type\n\n### Configuration:\n1. Set your NixGuard API endpoint URL\n2. Ensure headers include `Content-Type: application/json`\n3. Body contains:\n - `apiKey`: Your NixGuard API key\n - `prompt`: The security query/input"
},
"typeVersion": 1
},
{
"id": "b4d557c8-6db5-42d6-bf6a-6edbe4c84dec",
"name": "Antwortverarbeitung1",
"type": "n8n-nodes-base.stickyNote",
"position": [
800,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 320,
"content": "## Response Processing\n\nThis section handles the NixGuard API response:\n1. **Parse NixGuard Response**: Converts JSON string to object\n2. **Format API Response**: Extracts relevant content\n3. **Prepare Final Output**: Structures output for end users\n\n### Error Handling:\n- Invalid responses will trigger error paths\n- Ensure proper error handling in subsequent workflows"
},
"typeVersion": 1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "130b7c1c-428f-45c4-934c-14653965820d",
"connections": {
"1bd49a13-db15-45ac-8d83-3a198b6d401c": {
"main": [
[
{
"node": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"type": "main",
"index": 0
}
]
]
},
"aa084f8f-8f81-4079-a61a-3f3772ed351a": {
"main": [
[
{
"node": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"type": "main",
"index": 0
}
]
]
},
"9835ff41-0cae-491f-aade-2e8981c10232": {
"main": [
[
{
"node": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"type": "main",
"index": 0
}
]
]
},
"60ce604d-a084-4895-9c3b-37ff29f98fd4": {
"main": [
[
{
"node": "9835ff41-0cae-491f-aade-2e8981c10232",
"type": "main",
"index": 0
}
]
]
},
"283c8732-fe9e-4e85-83f4-9ff00241b08b": {
"main": [
[
{
"node": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"type": "main",
"index": 0
}
]
]
},
"de233ffa-d892-4b6a-997f-5a7af8b51db8": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"9df08e53-a3df-434b-ba8e-909bfae11d24": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"dc94efb5-91a0-4d2b-9cd0-e72b1e97498d": {
"main": [
[
{
"node": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"type": "main",
"index": 0
}
]
]
},
"ce9d6961-8cf9-435b-9ba9-88cc043ac60f": {
"main": [
[
{
"node": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"type": "main",
"index": 0
}
]
]
}
}
}Häufig gestellte Fragen
Wie verwende ich diesen Workflow?
Kopieren Sie den obigen JSON-Code, erstellen Sie einen neuen Workflow in Ihrer n8n-Instanz und wählen Sie "Aus JSON importieren". Fügen Sie die Konfiguration ein und passen Sie die Anmeldedaten nach Bedarf an.
Für welche Szenarien ist dieser Workflow geeignet?
Fortgeschritten - Sicherheitsbetrieb
Ist es kostenpflichtig?
Dieser Workflow ist völlig kostenlos. Beachten Sie jedoch, dass Drittanbieterdienste (wie OpenAI API), die im Workflow verwendet werden, möglicherweise kostenpflichtig sind.
Verwandte Workflows
Automatisierte Sicherheitsklassifizierung: NixGuard AI und Weiterleitung an Slack oder Jira
Automatisierung der Klassifizierung von Sicherheitswarnungen: NixGuard AI und Weiterleitung an Slack oder Jira
If
Set
Code
+
If
Set
Code
19 NodesJonathan | NEX
Sicherheitsbetrieb
Dokumenten-Frage-Antwort-System basierend auf Voyage-Context-3 Embeddings und MongoDB Atlas
Dokumenten-Frage-Antwort-System mit Voyage-Context-3-Embeddings und MongoDB Atlas
Set
Code
Wait
+
Set
Code
Wait
53 NodesJimleuk
Engineering
n8n-Knoten in der visuellen Referenzbibliothek erkunden
Erkundung von n8n-Knoten in der visuellen Referenzbibliothek
If
Ftp
Set
+
If
Ftp
Set
113 NodesI versus AI
Sonstiges
⚡📽️ Der ultimative KI-gestützte YouTube-Zusammenfassungs- und Analyse-Chatbot
⚡📽️ All-in-One-KI-Chatbot für YouTube-Zusammenfassungen und -Analysen
Set
Code
Merge
+
Set
Code
Merge
29 NodesJoseph LePage
Künstliche Intelligenz
Analyse von Gmail-Email-Headern zur Erkennung von IP-Reputations- und Tricksendungen
Gmail-Header analysieren, um IP-Reputationsverlust und Betrug zu erkennen
If
Set
Code
+
If
Set
Code
40 NodesAngel Menendez
Sicherheitsbetrieb
Analyse von Outlook-Email-Headern zur Erkennung von IP-Reputations- und Tricksendungen
Outlook-Header analysieren, um IP-Reputationsverlust und Betrug zu erkennen
If
Set
Code
+
If
Set
Code
41 NodesAngel Menendez
Sicherheitsbetrieb
Workflow-Informationen
Schwierigkeitsgrad
Fortgeschritten
Anzahl der Nodes15
Kategorie1
Node-Typen8
Autor
Externe Links
Auf n8n.io ansehen →
Diesen Workflow teilen