Obtenir des insights en temps réel sur la sécurité via l'intégration de NixGuard RAG et Wazuh
Intermédiaire
Ceci est unSecOpsworkflow d'automatisation du domainecontenant 15 nœuds.Utilise principalement des nœuds comme Set, Code, Merge, Aggregate, HttpRequest. Via NixGuard RAG et l'intégration Wazuh, obtenir des informations de sécurité en temps réel
Prérequis
- •Peut nécessiter les informations d'identification d'authentification de l'API cible
Nœuds utilisés (15)
Catégorie
Aperçu du workflow
Visualisation des connexions entre les nœuds, avec support du zoom et du déplacement
Exporter le workflow
Copiez la configuration JSON suivante dans n8n pour importer et utiliser ce workflow
{
"id": "I0nUORqYTwDFZa51",
"meta": {
"instanceId": "558d88703fb65b2d0e44613bc35916258b0f0bf983c5d4730c00c424b77ca36a"
},
"name": "Get Real-Time Security Insights with NixGuard RAG and Wazuh Integration",
"tags": [
{
"id": "q7fiN9zbxrNmsNbT",
"name": "NixGuard",
"createdAt": "2025-06-10T17:12:53.669Z",
"updatedAt": "2025-06-10T17:12:53.669Z"
},
{
"id": "CaOFkWRRUPhl5zch",
"name": "NEX",
"createdAt": "2025-06-10T17:12:57.408Z",
"updatedAt": "2025-06-10T17:12:57.408Z"
},
{
"id": "pQg0XfRi6hFoyuVB",
"name": "Wazuh",
"createdAt": "2025-06-10T17:13:00.952Z",
"updatedAt": "2025-06-10T17:13:00.952Z"
},
{
"id": "nBFKoKp6KIhjRaEn",
"name": "Security",
"createdAt": "2025-06-10T17:13:09.106Z",
"updatedAt": "2025-06-10T17:13:09.106Z"
},
{
"id": "to1DVLh70D0WBlIi",
"name": "Cybersecurity",
"createdAt": "2025-06-10T17:13:17.593Z",
"updatedAt": "2025-06-10T17:13:17.593Z"
}
],
"nodes": [
{
"id": "dc94efb5-91a0-4d2b-9cd0-e72b1e97498d",
"name": "À la réception d'un message chat",
"type": "@n8n/n8n-nodes-langchain.chatTrigger",
"disabled": true,
"position": [
-400,
-80
],
"webhookId": "ec75b9db-22e6-4bb3-88c1-66afced7d2e5",
"parameters": {
"options": {}
},
"typeVersion": 1.1
},
{
"id": "de233ffa-d892-4b6a-997f-5a7af8b51db8",
"name": "Déclencheur d'exécution de workflow",
"type": "n8n-nodes-base.executeWorkflowTrigger",
"position": [
-400,
100
],
"parameters": {},
"typeVersion": 1
},
{
"id": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"name": "Envoyer une requête à NixGuard API",
"type": "n8n-nodes-base.httpRequest",
"position": [
640,
120
],
"parameters": {
"url": "https://nix.thenex.world",
"method": "POST",
"options": {},
"sendBody": true,
"jsonHeaders": "{\"Content-Type\": \"application/json\"}",
"sendHeaders": true,
"bodyParameters": {
"parameters": [
{
"name": "apiKey",
"value": "={{ $json.apiKey }}"
},
{
"name": "prompt",
"value": "={{ $json.chatInput }}"
}
]
},
"specifyHeaders": "json"
},
"typeVersion": 4.2
},
{
"id": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"name": "Formater la réponse API",
"type": "n8n-nodes-base.set",
"position": [
780,
340
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "e41e3031-3669-432b-a669-8ece63e0a2a4",
"name": "content",
"type": "string",
"value": "={{ $json.content }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"name": "Préparer la sortie finale",
"type": "n8n-nodes-base.code",
"position": [
940,
280
],
"parameters": {
"jsCode": "const output = items[0].json.content;\n\nreturn [{json: {output}}];"
},
"typeVersion": 2
},
{
"id": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"name": "Analyser la réponse NixGuard",
"type": "n8n-nodes-base.code",
"position": [
620,
400
],
"parameters": {
"jsCode": "const nixResponse = JSON.parse($input.first().json.data);\nconst nixResult = nixResponse.result;\n\nreturn nixResponse;"
},
"typeVersion": 2
},
{
"id": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"name": "Fusionner les données d'entrée",
"type": "n8n-nodes-base.merge",
"position": [
160,
-20
],
"parameters": {},
"typeVersion": 3
},
{
"id": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"name": "Agréger les données de sécurité",
"type": "n8n-nodes-base.aggregate",
"position": [
320,
40
],
"parameters": {
"options": {},
"aggregate": "aggregateAllItemData"
},
"typeVersion": 1
},
{
"id": "9835ff41-0cae-491f-aade-2e8981c10232",
"name": "Combiner les données de sécurité",
"type": "n8n-nodes-base.code",
"position": [
480,
80
],
"parameters": {
"jsCode": "\n// Combine properties from both objects into a single object \nconst combinedObject = Object.assign({}, ...$input.first().json.data); \n// Return the combined object as a single item \nreturn [combinedObject];"
},
"typeVersion": 2
},
{
"id": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"name": "Préparer les données de requête API",
"type": "n8n-nodes-base.set",
"disabled": true,
"position": [
-200,
-80
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "78b78cf7-943f-4f4f-91c5-c71efeb7d78a",
"name": "apiKey",
"type": "string",
"value": ""
},
{
"id": "0ee0f3f2-2954-414b-a701-4ca14e3c5be2",
"name": "sessionId",
"type": "string",
"value": "={{ $json.sessionId }}"
},
{
"id": "a0f7d4d4-0ac7-474e-b87a-b87536f5e303",
"name": "action",
"type": "string",
"value": "={{ $json.action }}"
},
{
"id": "3d047460-d218-4408-aa7a-466f55a5de24",
"name": "chatInput",
"type": "string",
"value": "={{ $json.chatInput }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "1a040e52-30fb-4556-ac2c-71f173075d89",
"name": "Agrégation de données",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
140
],
"parameters": {
"color": 7,
"width": 400,
"height": 340,
"content": "## Data Aggregation\n\nThis section combines multiple security data sources:\n1. **Merge Input Data**: Combines triggers from different sources\n2. **Aggregate Security Data**: Consolidates security events\n3. **Combine Security Data**: Creates unified request payload\n\n### Use Cases:\n- Correlate Wazuh alerts with NixGuard insights\n- Combine multiple security queries\n- Process batch security events"
},
"typeVersion": 1
},
{
"id": "a4d8b9d0-84e2-4732-ac67-85985343a67c",
"name": "Guide d'installation",
"type": "n8n-nodes-base.stickyNote",
"position": [
-860,
320
],
"parameters": {
"color": 7,
"width": 400,
"height": 420,
"content": "## Getting Started\n\n### Prerequisites:\n- Valid NixGuard API key\n- Access to Wazuh security data (if integrating)\n\n### Setup Instructions:\n1. Configure your NixGuard API key in 'Prepare API Request Data' node\n2. Set up trigger method (chat or manual)\n3. Test with sample security queries\n4. Make sure NixGuard agents are installed on your network endpoints for real-time security events\n\n### Support:\nFor questions, visit [NixGuard Documentation](https://nixguard.thenex.world) or join our [Community Discord](https://discord.com/invite/ajCYwYCwHb)"
},
"typeVersion": 1
},
{
"id": "a94e8519-9783-4b2f-8ca9-e3e571784e40",
"name": "Aperçu du workflow1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-960,
-80
],
"parameters": {
"color": 7,
"width": 500,
"height": 380,
"content": "## NixGuard Security Connector Workflow\n\nThis workflow integrates NixGuard's RAG (Retrieval-Augmented Generation) with Wazuh security data to provide real-time security insights.\n\n### Key Features:\n- Processes security queries through NixGuard's AI\n- Combines multiple security data sources\n- Returns actionable security insights\n\n### Authentication:\nRequires valid API key for NixGuard endpoint (configured in 'Prepare API Request Data' node)."
},
"typeVersion": 1
},
{
"id": "69fd8854-8025-462f-b078-73b86803a8c7",
"name": "Explication de la requête API1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 380,
"content": "## API Request Configuration\n\nThis node sends the security query to NixGuard's API endpoint with:\n- Proper authentication headers\n- Formatted request body\n- Required content type\n\n### Configuration:\n1. Set your NixGuard API endpoint URL\n2. Ensure headers include `Content-Type: application/json`\n3. Body contains:\n - `apiKey`: Your NixGuard API key\n - `prompt`: The security query/input"
},
"typeVersion": 1
},
{
"id": "b4d557c8-6db5-42d6-bf6a-6edbe4c84dec",
"name": "Traitement de la réponse1",
"type": "n8n-nodes-base.stickyNote",
"position": [
800,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 320,
"content": "## Response Processing\n\nThis section handles the NixGuard API response:\n1. **Parse NixGuard Response**: Converts JSON string to object\n2. **Format API Response**: Extracts relevant content\n3. **Prepare Final Output**: Structures output for end users\n\n### Error Handling:\n- Invalid responses will trigger error paths\n- Ensure proper error handling in subsequent workflows"
},
"typeVersion": 1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "130b7c1c-428f-45c4-934c-14653965820d",
"connections": {
"1bd49a13-db15-45ac-8d83-3a198b6d401c": {
"main": [
[
{
"node": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"type": "main",
"index": 0
}
]
]
},
"aa084f8f-8f81-4079-a61a-3f3772ed351a": {
"main": [
[
{
"node": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"type": "main",
"index": 0
}
]
]
},
"9835ff41-0cae-491f-aade-2e8981c10232": {
"main": [
[
{
"node": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"type": "main",
"index": 0
}
]
]
},
"60ce604d-a084-4895-9c3b-37ff29f98fd4": {
"main": [
[
{
"node": "9835ff41-0cae-491f-aade-2e8981c10232",
"type": "main",
"index": 0
}
]
]
},
"283c8732-fe9e-4e85-83f4-9ff00241b08b": {
"main": [
[
{
"node": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"type": "main",
"index": 0
}
]
]
},
"de233ffa-d892-4b6a-997f-5a7af8b51db8": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"9df08e53-a3df-434b-ba8e-909bfae11d24": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"dc94efb5-91a0-4d2b-9cd0-e72b1e97498d": {
"main": [
[
{
"node": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"type": "main",
"index": 0
}
]
]
},
"ce9d6961-8cf9-435b-9ba9-88cc043ac60f": {
"main": [
[
{
"node": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"type": "main",
"index": 0
}
]
]
}
}
}Foire aux questions
Comment utiliser ce workflow ?
Copiez le code de configuration JSON ci-dessus, créez un nouveau workflow dans votre instance n8n et sélectionnez "Importer depuis le JSON", collez la configuration et modifiez les paramètres d'authentification selon vos besoins.
Dans quelles scénarios ce workflow est-il adapté ?
Intermédiaire - Opérations de sécurité
Est-ce payant ?
Ce workflow est entièrement gratuit et peut être utilisé directement. Veuillez noter que les services tiers utilisés dans le workflow (comme l'API OpenAI) peuvent nécessiter un paiement de votre part.
Workflows recommandés
Classification automatique des alertes de sécurité : NixGuard AI et routage vers Slack ou Jira
Automatiser la classification des alertes de sécurité : NixGuard AI et acheminement vers Slack ou Jira
If
Set
Code
+
If
Set
Code
19 NœudsJonathan | NEX
Opérations de sécurité
Système de réponse aux questions de documentation basé sur les embeddings Voyage-Context-3 et MongoDB Atlas
Chatbot de questions-réponses pour documents basé sur Voyage-Context-3 Embeddings et MongoDB Atlas
Set
Code
Wait
+
Set
Code
Wait
53 NœudsJimleuk
Ingénierie
Explorer les nœuds n8n dans la bibliothèque de références visuelles
Explorer les nœuds n8n dans la base de références visuelles
If
Ftp
Set
+
If
Ftp
Set
113 NœudsI versus AI
Autres
⚡ 📽️ Ultimate AI-driven YouTube summary and analysis chatbot
⚡📽️ Chatbot IA polyvalent pour les résumés et l'analyse de vidéos YouTube
Set
Code
Merge
+
Set
Code
Merge
29 NœudsJoseph LePage
Intelligence Artificielle
Analyser les en-têtes d'e-mail Gmail pour détecter la réputation IP et l'hameçonnage
Analyser les en-têtes Gmail pour détecter la réputation IP et l'hameçonnage
If
Set
Code
+
If
Set
Code
40 NœudsAngel Menendez
Opérations de sécurité
Analyser les en-têtes d'e-mail Outlook pour détecter la réputation IP et l'hameçonnage
Analyser les en-têtes Outlook pour détecter la réputation IP et l'hameçonnage
If
Set
Code
+
If
Set
Code
41 NœudsAngel Menendez
Opérations de sécurité
Informations sur le workflow
Niveau de difficulté
Intermédiaire
Nombre de nœuds15
Catégorie1
Types de nœuds8
Description de la difficulté
Auteur
Liens externes
Voir sur n8n.io →
Partager ce workflow