Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/oliverl-21/duo_log_alert

simple PoC to leverage the Cisco DUO Admin API and send a Webhook for denied Authentications to Slack
https://github.com/oliverl-21/duo_log_alert

duo-security slack webhook

Last synced: about 2 months ago
JSON representation

simple PoC to leverage the Cisco DUO Admin API and send a Webhook for denied Authentications to Slack

Host: GitHub
URL: https://github.com/oliverl-21/duo_log_alert
Owner: oliverl-21
License: bsd-3-clause
Created: 2023-10-31T05:36:05.000Z (about 1 year ago)
Default Branch: master
Last Pushed: 2024-09-10T05:55:42.000Z (4 months ago)
Last Synced: 2024-09-10T08:20:15.907Z (4 months ago)
Topics: duo-security, slack, webhook
Language: JavaScript
Homepage:
Size: 136 KB
Stars: 1
Watchers: 1
Forks: 1
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
- Security: SECURITY.md

Awesome Lists containing this project

README

# DUO Log Alert

simple PoC to leverage the Cisco DUO Admin [API](https://duo.com/docs/adminapi#logs) and send a Webhook for denied Authentications to Slack

## Usage

You need the DUO Admin API credentials

- ikey
- skey
- duo api host

if a webhook should be send use the option `--hook` with your webhook PATH you obtained through [slack](https://api.slack.com/messaging/webhooks)
The Webhoook URL will look like this `https://hooks.slack.com/services/T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX` strip `https://hooks.slack.com/services/` from it and append it as an option.

- hook T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX

```js
//node main.js --ikey --skey --host --hook
node main.js --ikey --skey --host api-xxxxxxxx.duosecurity.com --hook T00000000/B00000000/XXXXXXXXXXXXXXXXXXXXXXXX
```

## ToDo

rework for usage env vars and test serverless.