AI-powered log intelligence for automated Wazuh rule generation.
Transform your security logs into production-ready Wazuh detection rules using advanced AI models.
- Smart Upload - Drag & drop log file uploads (.log, .txt, .json, .csv)
- Pattern Detection - Automatically detects IP addresses, timestamps, errors, and security patterns
- AI Rule Generation - Powered by Groq AI models for fast, accurate rule generation
- Edit & Customize - Review and edit generated rules before deployment
- Bulk Operations - Export multiple rules as ZIP files
- Secure by Default - XSS protection, input validation, secure file handling
- Modern UI - Dark/Light mode, responsive design, minimalist interface
- Authentication - Auth0 integration for secure access
- Modern Hero Section - Clean, minimalist design with gradient effects
- Feature Highlights - Key benefits displayed with clear visual hierarchy
- Smooth Animations - Subtle transitions and hover effects
- Responsive Layout - Optimized for desktop, tablet, and mobile devices
- File Upload Zone - Large, intuitive drag-and-drop area with visual feedback
- File Management - Clean file cards with metadata (size, upload date)
- Pattern Detection - Interactive pattern analysis with expandable insights
- Job Status Tracking - Real-time updates with color-coded status indicators
- Rule Viewer - Syntax-highlighted XML editor with copy/download options
- Dark/Light Mode - Seamless theme switching with persistent preference
- Color Palette - Blue-black theme with cyan accents for modern look
- Typography - Clear, readable fonts with proper hierarchy
- Icons - Consistent iconography throughout the interface
- Spacing - Generous whitespace for better readability
- Toast Notifications - Non-intrusive success/error messages
- Loading States - Skeleton loaders and progress indicators
- Error Handling - User-friendly error messages with actionable guidance
- Keyboard Shortcuts - Power user features for faster navigation
- Accessibility - WCAG-compliant design for inclusive access
Note: Screenshots will be added soon. For now, you can see the live application at
http://localhost:5173after setup.
```
- Modern hero section with gradient text
- Feature cards with icons
- Call-to-action buttons
```
```
- File upload zone
- Uploaded files list
- Generation jobs tracker
- Rule viewer panel
```
- Python 3.10+
- Node.js 18+
- Groq API Key (Get one here)
- Auth0 Account (Sign up here)
Run the setup script to automate the entire setup process:
git clone git@github.com:inog9/WazMind.git
cd WazMind
chmod +x setup.sh
./setup.shThe script will:
- β Check prerequisites (Python 3.10+, Node.js 18+)
- β Set up backend (virtual environment, dependencies)
- β Set up frontend (npm dependencies)
- β
Create
.envfile from.env.example - β Create necessary directories
After running the script, edit .env and add your API keys:
GROQ_API_KEY- Your Groq API key (get from Groq Console)VITE_AUTH0_DOMAIN- Your Auth0 domainVITE_AUTH0_CLIENT_ID- Your Auth0 client ID
See AUTH0_SETUP.md for detailed Auth0 configuration.
-
Clone the repository:
git clone git@github.com:inog9/WazMind.git cd WazMind -
Backend Setup:
cd backend python3 -m venv venv source venv/bin/activate # Linux/Mac pip install -r requirements.txt
-
Frontend Setup:
cd frontend npm install -
Environment Configuration:
Copy
.env.exampleto.envin root directory:cp .env.example .env
Edit
.envand fill in all values:GROQ_API_KEY- Your Groq API key (for backend)VITE_AUTH0_DOMAIN- Your Auth0 domain (for frontend)VITE_AUTH0_CLIENT_ID- Your Auth0 client ID (for frontend)- Other values as needed
Note: Both backend and frontend will read from the same
.envfile in root directory.See AUTH0_SETUP.md for detailed Auth0 configuration.
-
Run the application:
Terminal 1 - Backend:
cd backend source venv/bin/activate uvicorn app.main:app --reload --port 8000
Terminal 2 - Frontend:
cd frontend npm run dev -
Access:
- Frontend: http://localhost:5173
- Backend API: http://localhost:8000
- API Docs: http://localhost:8000/docs
- Quick Start Guide - Get started quickly
- Development Guide - Development without Docker
- Auth0 Setup - Authentication configuration
- Performance Guide - Frontend performance optimization
- FastAPI - Modern Python web framework
- SQLAlchemy - ORM for database operations
- Groq API - AI model integration
- SQLite - Database (can be upgraded to PostgreSQL)
- React 18 - UI framework
- Vite - Build tool and dev server
- TailwindCSS - Styling
- Auth0 - Authentication
- Axios - HTTP client
- XSS protection with input sanitization
- SQL injection prevention (SQLAlchemy ORM)
- Command injection protection
- Security headers (CSP, XSS-Protection, etc.)
- Rate limiting on API endpoints
- File upload validation
wazmind/
βββ backend/
β βββ app/
β β βββ api/ # API endpoints
β β βββ services/ # External services (Groq)
β β βββ utils/ # Utilities
β β βββ models.py # Database models
β β βββ main.py # FastAPI app
β βββ requirements.txt
βββ frontend/
β βββ src/
β β βββ components/ # React components
β β βββ contexts/ # React contexts
β β βββ utils/ # Utilities
β βββ package.json
βββ README.md
See DEVELOPMENT.md for detailed development guide.
Contributions are welcome! Please feel free to submit a Pull Request.
See CONTRIBUTING.md for detailed guidelines on how to contribute.
This project is licensed under the MIT License - see the LICENSE file for details.