def test_loadbalancer_cloudfront_forward(loadbalancer_cloudfront_forward): entry = parse_entry(loadbalancer_cloudfront_forward, LogType.LoadBalancer) assert entry == LoadBalancerLogEntry( http_type=HttpTypeField('http'), timestamp=DateTimeField('2018-11-30T22:23:00.186641Z'), elb=StringField('app/my-loadbalancer/50dc6c495c0c9188'), client=HostField('192.168.131.39:2817'), target=None, request_processing_time=FloatField('0.000'), target_processing_time=FloatField('0.001'), response_processing_time=FloatField('0.000'), elb_status_code=IntegerField('502'), target_status_code=None, received_bytes=IntegerField('34'), sent_bytes=IntegerField('366'), http_request=HttpRequestField( 'GET http://www.example.com:80/ HTTP/1.1'), user_agent=UserAgentField('curl/7.46.0'), ssl_cipher=None, ssl_protocol=None, target_group_arn=StringField( 'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067' ), trace_id=StringField('Root=1-58337364-23a8c76965a2ef7629b185e3'), domain_name=None, chosen_cert_arn=None, matched_rule_priority=IntegerField('0'), request_creation_time=DateTimeField('2018-11-30T22:22:48.364000Z'), actions_executed=ListField('waf,forward'), redirect_url=None, error_reason=None, )
def test_loadbalancer_http2_entry(loadbalancer_http2_entry): entry = parse_entry(loadbalancer_http2_entry, LogType.LoadBalancer) assert entry == LoadBalancerLogEntry( http_type=HttpTypeField(raw_value='h2'), timestamp=DateTimeField(raw_value='2018-07-02T22:23:00.186641Z'), elb=StringField(raw_value='app/my-loadbalancer/50dc6c495c0c9188'), client=HostField(raw_value='10.0.1.252:48160'), target=HostField(raw_value='10.0.0.66:9000'), request_processing_time=FloatField(raw_value='0.000'), target_processing_time=FloatField(raw_value='0.002'), response_processing_time=FloatField(raw_value='0.000'), elb_status_code=IntegerField(raw_value='200'), target_status_code=IntegerField(raw_value='200'), received_bytes=IntegerField(raw_value='5'), sent_bytes=IntegerField(raw_value='257'), http_request=HttpRequestField( raw_value='GET https://10.0.2.105:773/ HTTP/2.0'), user_agent=UserAgentField(raw_value='curl/7.46.0'), ssl_cipher=StringField(raw_value='ECDHE-RSA-AES128-GCM-SHA256'), ssl_protocol=StringField(raw_value='TLSv1.2'), target_group_arn=StringField( raw_value= 'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067' ), trace_id=StringField( raw_value='Root=1-58337327-72bd00b0343d75b906739c42'), domain_name=None, chosen_cert_arn=None, matched_rule_priority=IntegerField(raw_value='1'), request_creation_time=DateTimeField( raw_value='2018-07-02T22:22:48.364000Z'), actions_executed=ListField(raw_value='redirect'), redirect_url=StringField(raw_value='https://example.com:80/'), error_reason=None, )
def test_loadbalancer_websockets_entry(loadbalancer_websockets_entry): entry = parse_entry(loadbalancer_websockets_entry, LogType.LoadBalancer) assert entry == LoadBalancerLogEntry( http_type=HttpTypeField(raw_value='ws'), timestamp=DateTimeField(raw_value='2018-07-02T22:23:00.186641Z'), elb=StringField(raw_value='app/my-loadbalancer/50dc6c495c0c9188'), client=HostField(raw_value='10.0.0.140:40914'), target=HostField(raw_value='10.0.1.192:8010'), request_processing_time=FloatField(raw_value='0.001'), target_processing_time=FloatField(raw_value='0.003'), response_processing_time=FloatField(raw_value='0.000'), elb_status_code=IntegerField(raw_value='101'), target_status_code=IntegerField(raw_value='101'), received_bytes=IntegerField(raw_value='218'), sent_bytes=IntegerField(raw_value='587'), http_request=HttpRequestField( raw_value='GET http://10.0.0.30:80/ HTTP/1.1'), user_agent=None, ssl_cipher=None, ssl_protocol=None, target_group_arn=StringField( raw_value= 'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067' ), trace_id=StringField( raw_value='Root=1-58337364-23a8c76965a2ef7629b185e3'), domain_name=None, chosen_cert_arn=None, matched_rule_priority=IntegerField(raw_value='1'), request_creation_time=DateTimeField( raw_value='2018-07-02T22:22:48.364000Z'), actions_executed=ListField(raw_value='forward'), redirect_url=None, error_reason=None, )
def test_cloudfront_entry2(cloudfront_entry2, cookie_zip_code): entry = parse_entry(cloudfront_entry2, LogType.CloudFront) assert entry == CloudFrontWebDistributionLogEntry( date=DateField(raw_value='2014-05-23'), time=TimeField(raw_value='01:13:12'), edge_location=StringField(raw_value='LAX1'), sent_bytes=IntegerField(raw_value='2390282'), client_ip=IpAddressField(raw_value='192.0.2.202'), http_method=StringField(raw_value='GET'), host=StringField(raw_value='d111111abcdef8.cloudfront.net'), uri=StringField(raw_value='/soundtrack/happy.mp3'), status_code=IntegerField(raw_value='304'), referrer=StringField(raw_value='www.unknownsingers.com'), user_agent=UserAgentField( raw_value= 'Mozilla/4.0%20(compatible;%20MSIE%207.0;%20Windows%20NT%205.1)'), uri_query=UrlQueryField(raw_value='a=b&c=d'), cookie=CookieField(raw_value='zip=98101'), edge_result_type=StringField(raw_value='Hit'), edge_request_id=StringField( raw_value='xGN7KWpVEmB9Dp7ctcVFQC4E-nrcOcEKS3QyAez--06dV7TEXAMPLE==' ), host_header=StringField(raw_value='d111111abcdef8.cloudfront.net'), protocol=StringField(raw_value='http'), received_bytes=None, time_taken=FloatField(raw_value='0.002'), forwarded_for=None, ssl_protocol=None, ssl_cipher=None, edge_response_result_type=StringField(raw_value='Hit'), protocol_version=StringField(raw_value='HTTP/1.1'), fle_encrypted_fields='', )
def test_loadbalancer_https_entry(loadbalancer_https_entry): entry = parse_entry(loadbalancer_https_entry, LogType.LoadBalancer) assert entry == LoadBalancerLogEntry( http_type=HttpTypeField(raw_value='https'), timestamp=DateTimeField(raw_value='2018-07-02T22:23:00.186641Z'), elb=StringField(raw_value='app/my-loadbalancer/50dc6c495c0c9188'), client=HostField(raw_value='192.168.131.39:2817'), target=HostField(raw_value='10.0.0.1:80'), request_processing_time=FloatField(raw_value='0.086'), target_processing_time=FloatField(raw_value='0.048'), response_processing_time=FloatField(raw_value='0.037'), elb_status_code=IntegerField(raw_value='200'), target_status_code=IntegerField(raw_value='200'), received_bytes=IntegerField(raw_value='0'), sent_bytes=IntegerField(raw_value='57'), http_request=HttpRequestField( raw_value='GET https://www.example.com:443/ HTTP/1.1'), user_agent=UserAgentField(raw_value='curl/7.46.0'), ssl_cipher=StringField(raw_value='ECDHE-RSA-AES128-GCM-SHA256'), ssl_protocol=StringField(raw_value='TLSv1.2'), target_group_arn=StringField( raw_value= 'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067' ), trace_id=StringField( raw_value='Root=1-58337281-1d84f3d73c47ec4e58577259'), domain_name=StringField(raw_value='www.example.com'), chosen_cert_arn=StringField( raw_value= 'arn:aws:acm:us-east-2:123456789012:certificate/12345678-1234-1234-1234-123456789012' ), matched_rule_priority=IntegerField(raw_value='1'), request_creation_time=DateTimeField( raw_value='2018-07-02T22:22:48.364000Z'), actions_executed=ListField(raw_value='authenticate,forward'), redirect_url=None, error_reason=None, )
def test_loadbalancer_http_entry(loadbalancer_http_entry): entry = parse_entry(loadbalancer_http_entry, LogType.LoadBalancer) assert entry == LoadBalancerLogEntry( http_type=HttpTypeField(raw_value='http'), timestamp=DateTimeField(raw_value='2018-07-02T22:23:00.186641Z'), elb=StringField(raw_value='app/my-loadbalancer/50dc6c495c0c9188'), client=HostField(raw_value='192.168.131.39:2817'), target=HostField(raw_value='10.0.0.1:80'), request_processing_time=FloatField(raw_value='0.000'), target_processing_time=FloatField(raw_value='0.001'), response_processing_time=FloatField(raw_value='0.000'), elb_status_code=IntegerField(raw_value='200'), target_status_code=IntegerField(raw_value='200'), received_bytes=IntegerField(raw_value='34'), sent_bytes=IntegerField(raw_value='366'), http_request=HttpRequestField( raw_value= 'GET http://www.example.com:80/?a=b&c=d&zip=98101 HTTP/1.1'), user_agent=UserAgentField(raw_value='curl/7.46.0'), ssl_cipher=None, ssl_protocol=None, target_group_arn=StringField( raw_value= 'arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067' ), trace_id=StringField( raw_value='Root=1-58337262-36d228ad5d99923122bbe354'), domain_name=None, chosen_cert_arn=None, matched_rule_priority=IntegerField(raw_value='0'), request_creation_time=DateTimeField( raw_value='2018-07-02T22:22:48.364000Z'), actions_executed=ListField(raw_value='forward'), redirect_url=None, error_reason=None, )
def test_cloudfront_entry_broken_cookie(cloudfront_entry_broken_cookie, cookie_empty): entry = parse_entry(cloudfront_entry_broken_cookie, LogType.CloudFront) assert entry == CloudFrontWebDistributionLogEntry( date=DateField(raw_value='2014-05-23'), time=TimeField(raw_value='01:13:11'), edge_location=StringField(raw_value='FRA2'), sent_bytes=IntegerField(raw_value='182'), client_ip=IpAddressField(raw_value='192.0.2.10'), http_method=StringField(raw_value='GET'), host=StringField(raw_value='d111111abcdef8.cloudfront.net'), uri=StringField(raw_value='/view/my/file.html'), status_code=IntegerField(raw_value='200'), referrer=StringField(raw_value='www.displaymyfiles.com'), user_agent=UserAgentField( raw_value= 'Mozilla/4.0%20(compatible;%20MSIE%205.0b1;%20Mac_PowerPC)'), uri_query=None, cookie=CookieField(raw_value='zip 98101'), edge_result_type=StringField(raw_value='RefreshHit'), edge_request_id=StringField( raw_value='MRVMF7KydIvxMWfJIglgwHQwZsbG2IhRJ07sn9AkKUFSHS9EXAMPLE==' ), host_header=StringField(raw_value='d111111abcdef8.cloudfront.net'), protocol=StringField(raw_value='http'), received_bytes=None, time_taken=FloatField(raw_value='0.001'), forwarded_for=None, ssl_protocol=None, ssl_cipher=None, edge_response_result_type=StringField(raw_value='RefreshHit'), protocol_version=StringField(raw_value='HTTP/1.1'), fle_encrypted_fields='', ) assert isinstance(entry.timestamp, datetime.datetime) is True assert entry.timestamp == datetime.datetime(2014, 5, 23, 1, 13, 11, tzinfo=datetime.timezone.utc)
def test_float_field(): field = FloatField('0.200') assert field.parsed == 0.200