Merge pull request #6974 from wazuh/6971-add-forward-to-ref

Add new <global> option <forward_to> to configuration reference
wazuh · Jan 22, 2024 · 56c4492 · 56c4492
2 parents 660d51e + 9b9377d
commit 56c4492
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 4 deletions.
diff --git a/source/user-manual/reference/ossec-conf/global.rst b/source/user-manual/reference/ossec-conf/global.rst
@@ -50,6 +50,7 @@ Options
 - `agents_disconnection_alert_time`_
 - `limits`_
 - `update_check`_
+- `forward_to`_
 
 alerts_log
 ^^^^^^^^^^
@@ -479,8 +480,10 @@ Example:
 
   <agents_disconnection_alert_time>1h</agents_disconnection_alert_time>
 
+.. _reference_limits:
+
 limits
-------
+^^^^^^
 
 This block configures the limits section.
 
@@ -493,7 +496,7 @@ This block configures the limits section.
 +----------------------------+
 
 limits\\eps
-^^^^^^^^^^^
+"""""""""""
 
 This block configures the events per second limitation functionality.
 
@@ -520,7 +523,7 @@ Events per second limits example block:
     </limits>
 
 limits\\eps\\maximum
-^^^^^^^^^^^^^^^^^^^^
+""""""""""""""""""""
 
 Maximum number of events per second allowed to be processed by decoders.
 
@@ -531,7 +534,7 @@ Maximum number of events per second allowed to be processed by decoders.
 +--------------------+-----------------------------------------------------------------+
 
 limits\\eps\\timeframe
-^^^^^^^^^^^^^^^^^^^^^^
+""""""""""""""""""""""
 
 A positive number expressed in seconds that indicates the time period where the events per second processed are increased and restored.
 
@@ -554,6 +557,30 @@ This setting toggles whether to query the external Wazuh Cyber Threat Intelligen
 | **Allowed values** | yes, no |
 +--------------------+---------+
 
+.. _reference_forward_to:
+
+forward_to
+^^^^^^^^^^
+
+Specifies the :ref:`name of the socket <reference_ossec_socket_name>` where the output will be redirected. The socket must be defined previously. 
+
++-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
+| **Default value**       | None                                                                                                                                     |
++-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
+| **Allowed values**      | Any defined socket under ``/var/ossec``                                                                                                  |
++-------------------------+------------------------------------------------------------------------------------------------------------------------------------------+
+
+Example:
+
+.. code-block:: xml
+
+  <socket>  
+    <name>custom_socket</name>  
+    <location>/var/ossec/custom.sock</location>  
+    <mode>tcp</mode>  
+  </socket>  
+
+  <forward_to>custom_socket</forward_to>  
 
 Configuration example
 ---------------------

diff --git a/source/user-manual/reference/ossec-conf/socket.rst b/source/user-manual/reference/ossec-conf/socket.rst
@@ -25,6 +25,7 @@ Options
 - `mode`_
 - `prefix`_
 
+.. _reference_ossec_socket_name:
 
 name
 ^^^^^^^^^^
-Original file line number
+Diff line change
@@ Expand Up / @@ -25,6 +25,7 @@ Options @@
     - `mode`_
     - `prefix`_
+    .. _reference_ossec_socket_name:
     name
     ^^^^^^^^^^
@@ Expand Down @@