Auto Remediate Endpoint Infections with Wazuh, ClamAV & GPT-4 - n8n Workflow | Neura Market
Auto Remediate Endpoint Infections with Wazuh, ClamAV & GPT-4
Automates full endpoint AV scans after high-severity Wazuh infection alerts, using GPT-4 for triage and ClamAV via SSH for rapid remediation.
This workflow reduces human delays between malware detection and remediation in MSSP/SOC environments by automating antivirus scanning immediately after high-severity Wazuh endpoint infection alerts (e.g., rule 52502). It listens for alerts via webhook, employs GPT-4 for AI-powered summaries to accelerate triage, extracts infected file paths with AI and regex, and initiates targeted ClamAV or Defender scans directly on Linux/Windows endpoints using SSH with least-privilege credentials.
Key bene
Platform
n8n
Category
Website Building
Price
$27.99
Creator
Fred Garcia
Wazuh
ClamAV
GPT-4
Security
Malware Remediation
Endpoint Protection
AI Triage
SSH Automation
SOC
Notifications
How to import this workflow into n8n
1Purchase or download the workflow to get the n8n workflow JSON file.
2In your n8n instance, open Workflows and choose "Import from File" (or paste the JSON with Ctrl+V on the canvas).
3Open each node marked with a credential warning and connect your own accounts and API keys.
4Run the workflow once manually to verify the data flow, then toggle it to Active.