def test_run_with_alert(self, extract_mock, rules_mock): """StreamAlert Class - Run, With Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = ['success!!'] passed = self.__sa_handler.run(get_valid_event()) assert_true(passed)
def test_run_debug_log_alert(self, extract_mock, rules_mock, alerts_mock, log_mock): """StreamAlert Class - Run, Debug Log Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = ([Alert('rule_name', {}, {'output'})], ['normalized_records']) alerts_mock.return_value = [] with patch.object(handler, 'LOGGER_DEBUG_ENABLED', True): self.__sa_handler.run(get_valid_event()) log_mock.assert_called_with('Alerts:\n%s', ANY)
def test_run_no_alerts(self, extract_mock, log_mock): """StreamAlert Class - Run, With No Alerts""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') self.__sa_handler.run(get_valid_event()) calls = [call('Processed %d valid record(s) that resulted in %d alert(s).', 1, 0), call('Invalid record count: %d', 0), call('%s alerts triggered', 0)] log_mock.assert_has_calls(calls)
def test_run_send_alerts(self, extract_mock, rules_mock, forwarder_mock): """StreamAlert Class - Run, Send Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = (['success!!'], ['normalized_records']) # Swap out the alias so the logging occurs self.__sa_handler.env['qualifier'] = 'production' self.__sa_handler.run(get_valid_event()) forwarder_mock.assert_called_with(['success!!'])
def test_run_send_alerts(self, extract_mock, rules_mock, sink_mock): """StreamAlert Class - Run, Send Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = ['success!!'] # Set send_alerts to true so the sink happens self.__sa_handler.enable_alert_processor = True # Swap out the alias so the logging occurs self.__sa_handler.env['lambda_alias'] = 'production' self.__sa_handler.run(get_valid_event()) sink_mock.assert_called_with(['success!!'])
def test_run_invalid_data(self, extract_mock, log_mock): """StreamAlert Class - Run, Invalid Data""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') event = get_valid_event() # Replace the good log data with bad data event['Records'][0]['kinesis']['data'] = base64.b64encode( '{"bad": "data"}') # Swap out the alias so the logging occurs self.__sa_handler.env['lambda_alias'] = 'production' self.__sa_handler.run(event) assert_equal(log_mock.call_args[0][0], 'Record does not match any defined schemas: %s\n%s') assert_equal(log_mock.call_args[0][2], '{"bad": "data"}')
def test_run_debug_log_alert(self, extract_mock, rules_mock, log_mock): """StreamAlert Class - Run, Debug Log Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = ['success!!'] # Cache the logger level log_level = LOGGER.getEffectiveLevel() # Increase the logger level to debug LOGGER.setLevel(logging.DEBUG) self.__sa_handler.run(get_valid_event()) # Reset the logger level LOGGER.setLevel(log_level) log_mock.assert_called_with('Alerts:\n%s', '[\n "success!!"\n]')
def test_run_debug_log_alert(self, extract_mock, rules_mock, alerts_mock, log_mock): """StreamAlert Class - Run, Debug Log Alert""" extract_mock.return_value = ('kinesis', 'unit_test_default_stream') rules_mock.return_value = ([Alert('rule_name', {}, {'output'})], ['normalized_records']) alerts_mock.return_value = [] # Cache the logger level log_level = LOGGER.getEffectiveLevel() # Increase the logger level to debug LOGGER.setLevel(logging.DEBUG) self.__sa_handler.run(get_valid_event()) # Reset the logger level LOGGER.setLevel(log_level) log_mock.assert_called_with('Alerts:\n%s', ANY)
def test_run_alert_count(self, extract_mock): """StreamAlert Class - Run, Check Count With 4 Logs""" count = 4 extract_mock.return_value = ('kinesis', 'unit_test_default_stream') self.__sa_handler.run(get_valid_event(count)) assert_equal(self.__sa_handler._processed_record_count, count)