def test_validate_all_win32_alerts(configure_mitm_environment_analysisd, create_unix_sockets,
                                   wait_for_analysisd_startup, generate_events_and_alerts, get_alert):
    """Validate one Windows (win32) syscheck alert produced by analysisd.

    The fixtures bring up the analysisd environment and generate the events;
    `get_alert` supplies the alert under test. The alert's syscheck ``path`` and
    its title-cased ``event`` select the expected event in the module-level
    ``events_dict``, and ``validate_analysis_alert_complex`` checks the alert
    against the ``win32`` schema.
    """
    syscheck = get_alert['syscheck']
    # events_dict is keyed by monitored path, then by the title-cased event kind
    # (e.g. "Added"), matching how the alert reports it.
    expected_event = events_dict[syscheck['path']][syscheck['event'].title()]
    validate_analysis_alert_complex(get_alert, expected_event, schema='win32')
def test_validate_all_win32_registry_alerts(configure_sockets_environment,
                                            connect_to_sockets_module,
                                            wait_for_analysisd_startup,
                                            generate_events_and_alerts,
                                            get_alert):
    """Validate one Windows registry syscheck alert produced by analysisd.

    The fixtures bring up the analysisd environment and generate the events;
    `get_alert` supplies the alert under test. The alert's syscheck ``path``
    (extended with ``value_name`` when present) and its title-cased ``event``
    select the expected event in the module-level ``events_dict``, and
    ``validate_analysis_alert_complex`` checks the alert against the ``win32``
    schema.
    """
    alert = get_alert
    syscheck = alert['syscheck']
    mode = syscheck['event'].title()

    # Registry value alerts carry a value_name while key alerts do not; the
    # lookup path is extended with a backslash-separated value name only when
    # the field is present so it matches the corresponding events_dict entry.
    lookup_path = syscheck['path']
    if 'value_name' in syscheck:
        lookup_path = lookup_path + '\\' + syscheck['value_name']

    validate_analysis_alert_complex(alert, events_dict[lookup_path][mode], schema='win32')