def test_eq(self):
    """Check FlowRecord equality against equal, unequal and foreign objects.

    Records built from the same message must compare equal; a record built
    from a different message, or an object of an unrelated type, must not.
    """
    # NOTE(review): another method named test_eq appears later in this file.
    # If both belong to the same TestCase, the later definition replaces this
    # one and these assertions never run. Confirm and rename one of them.
    baseline = FlowRecord({'message': SAMPLE_RECORDS[0]})
    same_message = FlowRecord({'message': SAMPLE_RECORDS[0]})
    other_message = FlowRecord({'message': SAMPLE_RECORDS[1]})

    self.assertEqual(baseline, same_message)
    self.assertNotEqual(baseline, other_message)
    # Ellipsis stands in for an unrelated type: the comparison has to report
    # inequality rather than raise.
    self.assertNotEqual(baseline, Ellipsis)
def test_millisecond_timestamp(self):
    """Check that start/end given in epoch milliseconds are parsed correctly.

    1512564058000 ms is 2017-12-06 12:40:58 UTC, so the expected values are
    naive datetimes carrying the UTC reading of the epoch values.
    """
    # The two numeric fields before the trailing '- SKIPDATA' are start/end in
    # milliseconds. A seconds/milliseconds mix-up would move the flow far from
    # its real time and break correlation with other logs.
    message = (
        '2 123456789010 eni-4b118871 - - - - - - - '
        '1512564058000 1512564059000 - SKIPDATA'
    )
    parsed = FlowRecord({'message': message})

    expected_start = datetime(2017, 12, 6, 12, 40, 58)
    expected_end = datetime(2017, 12, 6, 12, 40, 59)
    self.assertEqual(parsed.start, expected_start)
    self.assertEqual(parsed.end, expected_end)
def test_str(self):
    """Check the string rendering of a record parsed from SAMPLE_RECORDS[0].

    The expected text is a comma-separated run of 'name: value' pairs in the
    exact order spelled out below.
    """
    rendered = str(FlowRecord({'message': SAMPLE_RECORDS[0]}))

    self.assertEqual(
        rendered,
        (
            'version: 2, account_id: 123456789010, '
            'interface_id: eni-102010ab, srcaddr: 198.51.100.1, '
            'dstaddr: 192.0.2.1, srcport: 443, dstport: 49152, protocol: 6, '
            'packets: 10, bytes: 840, start: 2015-08-12 13:47:43, '
            'end: 2015-08-12 13:47:44, action: ACCEPT, log_status: OK'
        ),
    )
def test_missing_timestamps(self):
    """Check a record built from individual fields that lack start and end.

    The event carries no 'message' key, only a few named string fields. The
    record must expose exactly those fields through to_dict(), with version
    and bytes converted to int, and report start/end as None.
    """
    partial_event = {
        'version': '3',
        'srcaddr': '192.0.2.0',
        'dstaddr': '198.51.100.0',
        'bytes': '200',
    }
    record = FlowRecord(partial_event)

    # Absent fields must not appear in the dict at all.
    expected_fields = {
        'version': 3,
        'srcaddr': '192.0.2.0',
        'dstaddr': '198.51.100.0',
        'bytes': 200,
    }
    self.assertEqual(record.to_dict(), expected_fields)

    # Missing timestamps surface as None rather than as an error.
    self.assertIsNone(record.start)
    self.assertIsNone(record.end)
def test_eq(self):
    """Check every slot attribute of a record parsed from SAMPLE_RECORDS[1].

    Each name in FlowRecord.__slots__ is read from the instance and the
    resulting mapping is compared with the expected typed values.
    """
    # NOTE(review): despite its name this test checks field parsing, not
    # equality, and an earlier method in this file is also called test_eq.
    # If both sit in the same TestCase only this one is collected. Consider a
    # distinct name; confirm against the class layout.
    parsed = FlowRecord({'message': SAMPLE_RECORDS[1]})

    observed = {}
    for slot_name in FlowRecord.__slots__:
        observed[slot_name] = getattr(parsed, slot_name)

    # Ports, counters, protocol and version are ints; start/end are datetimes;
    # the remaining fields stay strings.
    wanted = {
        'account_id': '123456789010',
        'action': 'ACCEPT',
        'bytes': 1680,
        'dstaddr': '198.51.100.1',
        'dstport': 443,
        'end': datetime(2015, 8, 12, 13, 47, 45),
        'interface_id': 'eni-102010ab',
        'log_status': 'OK',
        'packets': 20,
        'protocol': 6,
        'srcaddr': '192.0.2.1',
        'srcport': 49152,
        'start': datetime(2015, 8, 12, 13, 47, 44),
        'version': 2,
    }
    self.assertEqual(observed, wanted)
def test_to_dict(self):
    """Check to_dict() for a record parsed from SAMPLE_RECORDS[2].

    The returned mapping must hold the typed field values listed below,
    including the REJECT action of this sample.
    """
    as_mapping = FlowRecord({'message': SAMPLE_RECORDS[2]}).to_dict()

    wanted = {
        'account_id': '123456789010',
        'action': 'REJECT',
        'bytes': 1680,
        'dstaddr': '198.51.100.1',
        'dstport': 443,
        'end': datetime(2015, 8, 12, 13, 47, 46),
        'interface_id': 'eni-102010ab',
        'log_status': 'OK',
        'packets': 20,
        'protocol': 6,
        'srcaddr': '192.0.2.1',
        'srcport': 49152,
        'start': datetime(2015, 8, 12, 13, 47, 45),
        'version': 2,
    }
    self.assertEqual(as_mapping, wanted)
def test_from_message(self):
    """Check that from_message() matches construction from an event dict.

    A record built with FlowRecord.from_message(text) must compare equal to
    one built from {'message': text} for the same sample line.
    """
    raw_line = SAMPLE_RECORDS[1]

    via_event = FlowRecord({'message': raw_line})
    via_classmethod = FlowRecord.from_message(raw_line)

    self.assertEqual(via_event, via_classmethod)