wazuh
Question about Wazuh Manager (Server) ossec.conf configuration with both Ubuntu and Windows endpoints.
|Wazuh version|Component|Install type|Install method|Platform|
|---|---|---|---|---|
| Wazuh v4.8.2 | | | | |

The other requested info isn't relevant to my issue.
Wazuh management is running on Ubuntu 24.04.1 LTS
I'm just requesting clarification on the setup of the server ossec.conf with multiple OS endpoints regarding the VirusTotal integration.
Following the guide "https://documentation.wazuh.com/current/proof-of-concept-guide/detect-remove-malware-virustotal.html", it goes over the config settings for an Ubuntu endpoint, which I got to work, and the threat emulation works as expected when adding:
to the server ossec.conf. Everything works on my Ubuntu endpoint. But when trying to get it to work on my Windows endpoints as well, I wasn't sure how to proceed, because the guide says to add:
to the server ossec.conf for a Windows endpoint. But I wasn't sure if it needed to look like this:
when trying to use the VirusTotal integration for both Windows and Ubuntu endpoints, since they're pretty much the same other than one directing it to the executable "remove-threat.sh" and the other directing it to the executable "remove-threat.exe". Or am I supposed to combine the two executables, something like this:
with a comma, or something, between the two executables?
In short, I'm just looking for an ossec.conf example when using the VirusTotal integration for both Windows and Ubuntu endpoints.
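Added example, not taken from the post above or from the Wazuh documentation: a manager-side ossec.conf fragment that covers both endpoint types. The `<executable>` element takes a single file name, so the two executables are not joined with a comma; instead each gets its own `<command>` with a distinct `<name>` (the names `remove-threat-linux` and `remove-threat-windows` are chosen here), and each command gets its own `<active-response>` block. Rule id 87105 is assumed to be the VirusTotal detection rule the proof-of-concept guide triggers on; check the `<rules_id>` value the guide actually uses for your version. The VirusTotal `<integration>` block itself is configured once on the manager and is unchanged by this.

```xml
<!-- Added example (not from the original post or the Wazuh docs).
     Assumptions: command names remove-threat-linux / remove-threat-windows are
     chosen here; 87105 is assumed to be the VirusTotal detection rule id. -->
<ossec_config>
  <!-- One command per executable. The manager only tells the agent which named
       command to run; the file itself must already be present in that agent's
       own active-response/bin directory (.sh on Ubuntu, .exe on Windows). -->
  <command>
    <name>remove-threat-linux</name>
    <executable>remove-threat.sh</executable>
    <timeout_allowed>no</timeout_allowed>
  </command>

  <command>
    <name>remove-threat-windows</name>
    <executable>remove-threat.exe</executable>
    <timeout_allowed>no</timeout_allowed>
  </command>

  <!-- Two active-response blocks keyed on the same rule. "local" runs the
       command on the agent that produced the alert. Both blocks fire on every
       matching alert; an agent whose platform lacks the referenced executable
       is expected to log an error and take no action, so on each endpoint only
       the command that matches its OS has an effect. -->
  <active-response>
    <disabled>no</disabled>
    <command>remove-threat-linux</command>
    <location>local</location>
    <rules_id>87105</rules_id>
  </active-response>

  <active-response>
    <disabled>no</disabled>
    <command>remove-threat-windows</command>
    <location>local</location>
    <rules_id>87105</rules_id>
  </active-response>
</ossec_config>
```

After saving the file, restart the manager (`systemctl restart wazuh-manager`) and confirm in /var/ossec/logs/ossec.log that it starts without configuration errors; a typo in a `<command>` reference or a duplicate `<name>` shows up there rather than at alert time.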