Ejemplo n.º 1
async def test_put_tag():
    """Create the 'sea_test' tag and confirm it appears in the tag listing.

    Uses the API client configured by $CFG_HOME/bricata_api_client.toml.
    Nothing in this function removes the tag again, so it is still present
    on the target system when the function returns.
    """
    started = time.perf_counter()

    bprint('Test: Put Tag')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        new_tag = TagRequest(
            name='sea_test',
            color='#ff9800',
            icon='fas fa-grimace',
        )

        # Create the tag; the call must report no failures.
        results = await client.put_tag(tag=new_tag)
        assert type(results) is Results
        assert not results.failure

        # Read the tag list back and look for the new tag by name.
        results = await client.get_tags()
        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        listed_names = [entry['name'] for entry in results.success]
        assert 'sea_test' in listed_names

        tprint(results)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 2
async def test_get_alerts_filtered():
    """Request alerts filtered by the 'ATO' tag and print the first five.

    The result assertions below are disabled, so this function only checks
    that the filtered request completes without raising.
    """
    started = time.perf_counter()

    bprint('Test: Get Alerts, Filtered')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        alert_filter = AlertsFilter(tags='ATO')
        results = await client.get_alerts(alert_filter)

        # Disabled checks, kept for reference:
        # assert type(results) is Results
        # assert len(results.success) >= 1
        # assert not results.failure

        tprint(results, top=5)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 3
async def test_get_tags():
    """Fetch the tag list and require at least one success and no failures."""
    started = time.perf_counter()

    bprint('Test: Get Tags')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        results = await client.get_tags()

        # Exact type match, at least one tag returned, nothing failed.
        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        tprint(results)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 4
async def test_get_alerts():
    """Fetch records for a default AlertQuery and print the first five.

    Requires at least one successful record and no failures.
    """
    started = time.perf_counter()

    bprint('Test: Get Alerts')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        query = AlertQuery()
        results = await client.get_records(query)

        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        tprint(results, top=5)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 5
async def test_login():
    """Log in through the API client and require exactly one success entry."""
    started = time.perf_counter()

    bprint('Test: Login')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        results = await client.login()

        assert type(results) is Results
        assert len(results.success) == 1
        assert not results.failure

        # NOTE(review): client.header presumably carries the session
        # credential once login has succeeded -- confirm. If it does, this
        # print writes that credential into test output and any CI log that
        # captures stdout.
        print('Header:', client.header)

        tprint(results)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 6
async def test_delete_tag():
    """Delete the 'sea_test' tag and confirm it is gone from the tag listing.

    The listing must still hold at least one other tag after the delete.
    """
    started = time.perf_counter()

    bprint('Test: Delete Tag')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        # Remove the tag; the call must report no failures.
        results = await client.delete_tag(tag_name='sea_test')
        assert type(results) is Results
        assert not results.failure

        # Read the tag list back and make sure the name no longer appears.
        results = await client.get_tags()
        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        remaining_names = [entry['name'] for entry in results.success]
        assert 'sea_test' not in remaining_names

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 7
async def test_get_alert():
    """List alerts, pick one at random, and fetch it again by its uuid.

    The single-alert lookup must return exactly one success entry.
    """
    started = time.perf_counter()

    bprint('Test: Get Alert')
    cfg_path = f'{getenv("CFG_HOME")}/bricata_api_client.toml'
    async with BricataApiClient(cfg=cfg_path) as client:
        # Step 1: pull a batch of alerts to pick from.
        results = await client.get_alerts()
        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        # Step 2: look one of them up by uuid.
        picked = choice(results.success)
        uid = picked['uuid']
        results = await client.get_alert(uuid=uid)
        assert type(results) is Results
        assert len(results.success) == 1
        assert not results.failure

        tprint(results)

    elapsed = time.perf_counter() - started
    bprint(f'-> Completed in {elapsed:f} seconds.')
Ejemplo n.º 8
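async def test_logout():
    """Log in, log out, and print the client header after each step.

    The call to self.logout() in __aexit__() throws an error due to the
    session already being closed. This is expected behavior; comment that
    call out when testing this function.
    """
    ts = time.perf_counter()

    bprint('Test: Logout')
    async with BricataApiClient(cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac:
        await bac.login()
        # NOTE(review): the listing this came from had the next three
        # statements fused into one invalid line by a '******' mask, which
        # also left `results` undefined. They are reconstructed here from the
        # docstring and from the tprint(results) call below -- confirm
        # against the original file.
        # NOTE(review): bac.header presumably holds the session credential
        # between login and logout -- confirm. If so, the first print writes
        # it to test output and any CI log that captures stdout.
        print('Header after login:', bac.header)

        results = await bac.logout()
        print('Header after logout:', bac.header)

        tprint(results)

    bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')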
Ejemplo n.º 9
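async def test_tag_untag_alert():
    """Apply the 'Testing' tag to one random alert, verify it, then remove it.

    Steps: list alerts, pick one at random, check it does not already carry
    'Testing', tag it, confirm the tag is present, untag it, and confirm the
    tag is gone. The untag call runs even when the verification in between
    fails, so a failed run does not leave the test tag on the alert.
    """
    ts = time.perf_counter()

    bprint('Test: Tag Alert')
    async with BricataApiClient(cfg=f'{getenv("CFG_HOME")}/bricata_api_client.toml') as bac:
        results = await bac.get_alerts()  # Get some alerts

        assert type(results) is Results
        assert len(results.success) >= 1
        assert not results.failure

        print('results:', results.success)

        alert = choice(results.success)  # Choose one at random
        # Read the uuid outside the try block: an alert without a uuid should
        # fail here, not be reported as "no tags" and then surface as an
        # unbound `uid` further down.
        uid = alert['uuid']
        print(f'Tagging: {uid}')

        try:
            tags_before = alert['data']['bricata']['tag']
        except KeyError:
            print('Alert has no tags')
        else:
            print('Alert Tags Before:', tags_before)
            # Check the alert that was actually chosen; the first alert in
            # the list is not necessarily the one being tagged.
            assert 'Testing' not in tags_before

        results = await bac.tag_alert(uuid=uid, tag='Testing')  # Tag alert
        assert not results.failure

        try:
            results = await bac.get_alert(uuid=uid)  # Verify alert is tagged
            print('Alert tags after tag:', results.success[0]['data']['bricata']['tag'])
            assert 'Testing' in results.success[0]['data']['bricata']['tag']
        finally:
            # Always try to remove the test tag once it has been applied.
            results = await bac.untag_alert(uuid=uid, tag='Testing')  # Untag alert
        assert not results.failure

        results = await bac.get_alert(uuid=uid)  # Verify Alert is no longer tagged
        print('Alert tags after untag:', results.success[0]['data']['bricata']['tag'])
        assert 'Testing' not in results.success[0]['data']['bricata']['tag']

    bprint(f'-> Completed in {(time.perf_counter() - ts):f} seconds.')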