From dd1e7cbbdee220cbfcd8611900fd22d8e073775b Mon Sep 17 00:00:00 2001
From: CyberMind-FR <gandalf@Gk2.net>
Date: Tue, 17 Feb 2026 14:57:46 +0100
Subject: [PATCH] feat(security-threats): Add Wazuh SIEM to security status bar

- Add wazuh_running status check to RPCD handler
- Display Wazuh alongside CrowdSec, netifyd, mitmproxy in dashboard

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 .../resources/view/secubox-security-threats/dashboard.js         | 1 +
 .../root/usr/libexec/rpcd/luci.secubox-security-threats          | 1 +
 2 files changed, 2 insertions(+)

diff --git a/package/secubox/luci-app-secubox-security-threats/htdocs/luci-static/resources/view/secubox-security-threats/dashboard.js b/package/secubox/luci-app-secubox-security-threats/htdocs/luci-static/resources/view/secubox-security-threats/dashboard.js
index e945f7f5..c7c1c9e0 100644
--- a/package/secubox/luci-app-secubox-security-threats/htdocs/luci-static/resources/view/secubox-security-threats/dashboard.js
+++ b/package/secubox/luci-app-secubox-security-threats/htdocs/luci-static/resources/view/secubox-security-threats/dashboard.js
@@ -43,6 +43,7 @@ return L.view.extend({
 		var self = this;
 		var services = [
 			{ name: 'CrowdSec', ok: status.crowdsec_running },
+			{ name: 'Wazuh', ok: status.wazuh_running },
 			{ name: 'netifyd', ok: status.netifyd_running },
 			{ name: 'mitmproxy', ok: status.mitmproxy_running },
 			{ name: 'Threat Intel', ok: status.threat_intel_available }
diff --git a/package/secubox/luci-app-secubox-security-threats/root/usr/libexec/rpcd/luci.secubox-security-threats b/package/secubox/luci-app-secubox-security-threats/root/usr/libexec/rpcd/luci.secubox-security-threats
index 39024cdd..0b4c98a3 100755
--- a/package/secubox/luci-app-secubox-security-threats/root/usr/libexec/rpcd/luci.secubox-security-threats
+++ b/package/secubox/luci-app-secubox-security-threats/root/usr/libexec/rpcd/luci.secubox-security-threats
@@ -141,6 +141,7 @@ case "$1" in
 				json_init
 				json_add_boolean "netifyd_running" $(pgrep netifyd >/dev/null 2>&1 && echo 1 || echo 0)
 				json_add_boolean "crowdsec_running" $(pgrep crowdsec >/dev/null 2>&1 && echo 1 || echo 0)
+				json_add_boolean "wazuh_running" $(pgrep wazuh >/dev/null 2>&1 && echo 1 || echo 0)
 				json_add_boolean "mitmproxy_running" $(pgrep -f mitmweb >/dev/null 2>&1 && echo 1 || echo 0)
 				json_add_boolean "cscli_available" $([ -x "$CSCLI" ] && echo 1 || echo 0)
 				json_add_boolean "threat_intel_available" $([ -x "$THREAT_INTEL" ] && echo 1 || echo 0)