def _get_formatter(output_format):
if output_format == FileEventsOutputFormat.JSON:
return FileEventDictToJSONFormatter()
elif output_format == FileEventsOutputFormat.CEF:
return FileEventDictToCEFFormatter()
else:
return FileEventDictToRawJSONFormatter()
def test_format_returns_expected_number_of_fields(
self, mock_file_event_log_record):
json_out = FileEventDictToJSONFormatter().format(
mock_file_event_log_record)
file_event_dict = json.loads(json_out)
assert len(
file_event_dict) == 25 # Fields that are not null or an empty list
def test_format_returns_only_non_null_fields(self, mock_file_event_log_record):
json_out = FileEventDictToJSONFormatter().format(mock_file_event_log_record)
file_event_dict = json.loads(json_out)
for key in file_event_dict:
if not file_event_dict[key] and file_event_dict != 0:
raise AssertionError()
assert True