NixGuard RAGとWazuhの統合によるリアルタイムセキュリティインサイト
中級
これはSecOps分野の自動化ワークフローで、15個のノードを含みます。主にSet, Code, Merge, Aggregate, HttpRequestなどのノードを使用。 NixGuard RAG と Wazuh 統合によるリアルタイムセキュリティインサイト
前提条件
- •ターゲットAPIの認証情報が必要な場合あり
カテゴリー
ワークフロープレビュー
ノード接続関係を可視化、ズームとパンをサポート
ワークフローをエクスポート
以下のJSON設定をn8nにインポートして、このワークフローを使用できます
{
"id": "I0nUORqYTwDFZa51",
"meta": {
"instanceId": "558d88703fb65b2d0e44613bc35916258b0f0bf983c5d4730c00c424b77ca36a"
},
"name": "Get Real-Time Security Insights with NixGuard RAG and Wazuh Integration",
"tags": [
{
"id": "q7fiN9zbxrNmsNbT",
"name": "NixGuard",
"createdAt": "2025-06-10T17:12:53.669Z",
"updatedAt": "2025-06-10T17:12:53.669Z"
},
{
"id": "CaOFkWRRUPhl5zch",
"name": "NEX",
"createdAt": "2025-06-10T17:12:57.408Z",
"updatedAt": "2025-06-10T17:12:57.408Z"
},
{
"id": "pQg0XfRi6hFoyuVB",
"name": "Wazuh",
"createdAt": "2025-06-10T17:13:00.952Z",
"updatedAt": "2025-06-10T17:13:00.952Z"
},
{
"id": "nBFKoKp6KIhjRaEn",
"name": "Security",
"createdAt": "2025-06-10T17:13:09.106Z",
"updatedAt": "2025-06-10T17:13:09.106Z"
},
{
"id": "to1DVLh70D0WBlIi",
"name": "Cybersecurity",
"createdAt": "2025-06-10T17:13:17.593Z",
"updatedAt": "2025-06-10T17:13:17.593Z"
}
],
"nodes": [
{
"id": "dc94efb5-91a0-4d2b-9cd0-e72b1e97498d",
"name": "チャットメッセージ受信時",
"type": "@n8n/n8n-nodes-langchain.chatTrigger",
"disabled": true,
"position": [
-400,
-80
],
"webhookId": "ec75b9db-22e6-4bb3-88c1-66afced7d2e5",
"parameters": {
"options": {}
},
"typeVersion": 1.1
},
{
"id": "de233ffa-d892-4b6a-997f-5a7af8b51db8",
"name": "ワークフロートリガー実行",
"type": "n8n-nodes-base.executeWorkflowTrigger",
"position": [
-400,
100
],
"parameters": {},
"typeVersion": 1
},
{
"id": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"name": "NixGuard API へリクエスト送信",
"type": "n8n-nodes-base.httpRequest",
"position": [
640,
120
],
"parameters": {
"url": "https://nix.thenex.world",
"method": "POST",
"options": {},
"sendBody": true,
"jsonHeaders": "{\"Content-Type\": \"application/json\"}",
"sendHeaders": true,
"bodyParameters": {
"parameters": [
{
"name": "apiKey",
"value": "={{ $json.apiKey }}"
},
{
"name": "prompt",
"value": "={{ $json.chatInput }}"
}
]
},
"specifyHeaders": "json"
},
"typeVersion": 4.2
},
{
"id": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"name": "API レスポンスのフォーマット",
"type": "n8n-nodes-base.set",
"position": [
780,
340
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "e41e3031-3669-432b-a669-8ece63e0a2a4",
"name": "content",
"type": "string",
"value": "={{ $json.content }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"name": "最終出力の準備",
"type": "n8n-nodes-base.code",
"position": [
940,
280
],
"parameters": {
"jsCode": "const output = items[0].json.content;\n\nreturn [{json: {output}}];"
},
"typeVersion": 2
},
{
"id": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"name": "NixGuardレスポンスの解析",
"type": "n8n-nodes-base.code",
"position": [
620,
400
],
"parameters": {
"jsCode": "const nixResponse = JSON.parse($input.first().json.data);\nconst nixResult = nixResponse.result;\n\nreturn nixResponse;"
},
"typeVersion": 2
},
{
"id": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"name": "入力データの統合",
"type": "n8n-nodes-base.merge",
"position": [
160,
-20
],
"parameters": {},
"typeVersion": 3
},
{
"id": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"name": "セキュリティデータの集約",
"type": "n8n-nodes-base.aggregate",
"position": [
320,
40
],
"parameters": {
"options": {},
"aggregate": "aggregateAllItemData"
},
"typeVersion": 1
},
{
"id": "9835ff41-0cae-491f-aade-2e8981c10232",
"name": "セキュリティデータの結合",
"type": "n8n-nodes-base.code",
"position": [
480,
80
],
"parameters": {
"jsCode": "\n// Combine properties from both objects into a single object \nconst combinedObject = Object.assign({}, ...$input.first().json.data); \n// Return the combined object as a single item \nreturn [combinedObject];"
},
"typeVersion": 2
},
{
"id": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"name": "API リクエストデータの準備",
"type": "n8n-nodes-base.set",
"disabled": true,
"position": [
-200,
-80
],
"parameters": {
"options": {},
"assignments": {
"assignments": [
{
"id": "78b78cf7-943f-4f4f-91c5-c71efeb7d78a",
"name": "apiKey",
"type": "string",
"value": ""
},
{
"id": "0ee0f3f2-2954-414b-a701-4ca14e3c5be2",
"name": "sessionId",
"type": "string",
"value": "={{ $json.sessionId }}"
},
{
"id": "a0f7d4d4-0ac7-474e-b87a-b87536f5e303",
"name": "action",
"type": "string",
"value": "={{ $json.action }}"
},
{
"id": "3d047460-d218-4408-aa7a-466f55a5de24",
"name": "chatInput",
"type": "string",
"value": "={{ $json.chatInput }}"
}
]
}
},
"typeVersion": 3.4
},
{
"id": "1a040e52-30fb-4556-ac2c-71f173075d89",
"name": "データ集約",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
140
],
"parameters": {
"color": 7,
"width": 400,
"height": 340,
"content": "## Data Aggregation\n\nThis section combines multiple security data sources:\n1. **Merge Input Data**: Combines triggers from different sources\n2. **Aggregate Security Data**: Consolidates security events\n3. **Combine Security Data**: Creates unified request payload\n\n### Use Cases:\n- Correlate Wazuh alerts with NixGuard insights\n- Combine multiple security queries\n- Process batch security events"
},
"typeVersion": 1
},
{
"id": "a4d8b9d0-84e2-4732-ac67-85985343a67c",
"name": "セットアップガイド",
"type": "n8n-nodes-base.stickyNote",
"position": [
-860,
320
],
"parameters": {
"color": 7,
"width": 400,
"height": 420,
"content": "## Getting Started\n\n### Prerequisites:\n- Valid NixGuard API key\n- Access to Wazuh security data (if integrating)\n\n### Setup Instructions:\n1. Configure your NixGuard API key in 'Prepare API Request Data' node\n2. Set up trigger method (chat or manual)\n3. Test with sample security queries\n4. Make sure NixGuard agents are installed on your network endpoints for real-time security events\n\n### Support:\nFor questions, visit [NixGuard Documentation](https://nixguard.thenex.world) or join our [Community Discord](https://discord.com/invite/ajCYwYCwHb)"
},
"typeVersion": 1
},
{
"id": "a94e8519-9783-4b2f-8ca9-e3e571784e40",
"name": "ワークフロー概要1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-960,
-80
],
"parameters": {
"color": 7,
"width": 500,
"height": 380,
"content": "## NixGuard Security Connector Workflow\n\nThis workflow integrates NixGuard's RAG (Retrieval-Augmented Generation) with Wazuh security data to provide real-time security insights.\n\n### Key Features:\n- Processes security queries through NixGuard's AI\n- Combines multiple security data sources\n- Returns actionable security insights\n\n### Authentication:\nRequires valid API key for NixGuard endpoint (configured in 'Prepare API Request Data' node)."
},
"typeVersion": 1
},
{
"id": "69fd8854-8025-462f-b078-73b86803a8c7",
"name": "API リクエスト説明1",
"type": "n8n-nodes-base.stickyNote",
"position": [
-140,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 380,
"content": "## API Request Configuration\n\nThis node sends the security query to NixGuard's API endpoint with:\n- Proper authentication headers\n- Formatted request body\n- Required content type\n\n### Configuration:\n1. Set your NixGuard API endpoint URL\n2. Ensure headers include `Content-Type: application/json`\n3. Body contains:\n - `apiKey`: Your NixGuard API key\n - `prompt`: The security query/input"
},
"typeVersion": 1
},
{
"id": "b4d557c8-6db5-42d6-bf6a-6edbe4c84dec",
"name": "レスポンス処理1",
"type": "n8n-nodes-base.stickyNote",
"position": [
800,
500
],
"parameters": {
"color": 7,
"width": 400,
"height": 320,
"content": "## Response Processing\n\nThis section handles the NixGuard API response:\n1. **Parse NixGuard Response**: Converts JSON string to object\n2. **Format API Response**: Extracts relevant content\n3. **Prepare Final Output**: Structures output for end users\n\n### Error Handling:\n- Invalid responses will trigger error paths\n- Ensure proper error handling in subsequent workflows"
},
"typeVersion": 1
}
],
"active": false,
"pinData": {},
"settings": {
"executionOrder": "v1"
},
"versionId": "130b7c1c-428f-45c4-934c-14653965820d",
"connections": {
"1bd49a13-db15-45ac-8d83-3a198b6d401c": {
"main": [
[
{
"node": "60ce604d-a084-4895-9c3b-37ff29f98fd4",
"type": "main",
"index": 0
}
]
]
},
"aa084f8f-8f81-4079-a61a-3f3772ed351a": {
"main": [
[
{
"node": "b3bb011b-cf24-4c9e-b4aa-20f6718cc798",
"type": "main",
"index": 0
}
]
]
},
"9835ff41-0cae-491f-aade-2e8981c10232": {
"main": [
[
{
"node": "ce9d6961-8cf9-435b-9ba9-88cc043ac60f",
"type": "main",
"index": 0
}
]
]
},
"60ce604d-a084-4895-9c3b-37ff29f98fd4": {
"main": [
[
{
"node": "9835ff41-0cae-491f-aade-2e8981c10232",
"type": "main",
"index": 0
}
]
]
},
"283c8732-fe9e-4e85-83f4-9ff00241b08b": {
"main": [
[
{
"node": "aa084f8f-8f81-4079-a61a-3f3772ed351a",
"type": "main",
"index": 0
}
]
]
},
"de233ffa-d892-4b6a-997f-5a7af8b51db8": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"9df08e53-a3df-434b-ba8e-909bfae11d24": {
"main": [
[
{
"node": "1bd49a13-db15-45ac-8d83-3a198b6d401c",
"type": "main",
"index": 0
}
]
]
},
"dc94efb5-91a0-4d2b-9cd0-e72b1e97498d": {
"main": [
[
{
"node": "9df08e53-a3df-434b-ba8e-909bfae11d24",
"type": "main",
"index": 0
}
]
]
},
"ce9d6961-8cf9-435b-9ba9-88cc043ac60f": {
"main": [
[
{
"node": "283c8732-fe9e-4e85-83f4-9ff00241b08b",
"type": "main",
"index": 0
}
]
]
}
}
}よくある質問
このワークフローの使い方は?
上記のJSON設定コードをコピーし、n8nインスタンスで新しいワークフローを作成して「JSONからインポート」を選択、設定を貼り付けて認証情報を必要に応じて変更してください。
このワークフローはどんな場面に適していますか?
中級 - セキュリティ運用
有料ですか?
このワークフローは完全無料です。ただし、ワークフローで使用するサードパーティサービス(OpenAI APIなど)は別途料金が発生する場合があります。
関連ワークフロー
自動安全アラート分類:NixGuard AIおよびSlackやJiraへのルーティング
NixGuard AIによる自動セキュリティアラート分類:SlackまたはJiraへのルーティング
If
Set
Code
+
If
Set
Code
19 ノードJonathan | NEX
セキュリティ運用
Voyage-Context-3 エンベディングと MongoDB Atlas に基づくドキュメントQ&Aシステム
Voyage-Context-3埋め込みモデルおよびMongoDB Atlasを基盤としたドキュメントQ&Aシステム
Set
Code
Wait
+
Set
Code
Wait
53 ノードJimleuk
エンジニアリング
n8nノードの探索(可視化リファレンスライブラリ内)
n8nノードを可視化リファレンスライブラリで探索
If
Ftp
Set
+
If
Ftp
Set
113 ノードI versus AI
その他
⚡📽️究極のAI駆動型YouTube要約と分析チャットボット
⚡📽️ YouTube要約と分析のためのオールインワンAIチャットボット
Set
Code
Merge
+
Set
Code
Merge
29 ノードJoseph LePage
人工知能
Gmailのメールヘッダーを解析してIP信頼性とスプーフィングを検出
Gmailのメールヘッダーを解析し、IP評判とスプーフィングを検出する
If
Set
Code
+
If
Set
Code
40 ノードAngel Menendez
セキュリティ運用
Outlookのメールヘッダーを解析してIP信頼性とスプーフィングを検出
Outlookのメールヘッダーを解析し、IP評判とスプーフィングを検出する
If
Set
Code
+
If
Set
Code
41 ノードAngel Menendez
セキュリティ運用
