Exemple #1
def test_email_smtp_ssl_true_and_smtp_port():
    """Verify the `smtp_ssl: True` path when an explicit `smtp_port` is set.

    The SMTP_SSL class is patched, so the test only checks which calls the
    alerter makes: one constructor call carrying the configured host and port,
    then `sendmail`, then `quit`. The expected list has no `ehlo` or
    `starttls` entry on this path.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'smtp_ssl': True,
        'smtp_port': 455,
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'owner': 'owner_value',
        'alert_subject': 'Test alert for {0}, owned by {1}',
        'alert_subject_args': ['test_term', 'owner'],
        'snowman': '☃'
    }
    # NOTE(review): the address literals on this page look masked, so these
    # header strings cannot match the rule values as shown; restore the real
    # fixture addresses before relying on the assertions.
    expected_headers = (
        'Reply-To: [email protected]',
        'To: [email protected]',
        'From: [email protected]',
        'Subject: Test alert for test_value, owned by owner_value',
    )
    with mock.patch('elastalert.alerters.email.SMTP_SSL') as smtp_ssl_cls:
        smtp_ssl_cls.return_value = mock.Mock()

        EmailAlerter(rule).alert([{'test_term': 'test_value'}])

        # The rule sets no client certificate or key, hence certfile/keyfile
        # are expected to be None; 455 is the port taken from the rule.
        connect_call = mock.call('localhost', 455, certfile=None, keyfile=None)
        send_call = mock.call().sendmail(
            mock.ANY, ['*****@*****.**', '*****@*****.**'], mock.ANY)
        assert smtp_ssl_cls.mock_calls == [
            connect_call, send_call, mock.call().quit()]

        # Entry 1 is the sendmail() call; its third positional argument is
        # the rendered message.
        sendmail_entry = smtp_ssl_cls.mock_calls[1]
        message = sendmail_entry[1][2]

        for header in expected_headers:
            assert header in message
Exemple #2
def test_email_query_key_in_subject():
    """Check that the match's `query_key` value shows up in the Subject header.

    The rule configures no `alert_subject`, so the subject is whatever the
    alerter produces by default; the test only requires a Subject line to
    exist and to contain the username.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'query_key': 'username'
    }
    # NOTE(review): the username value appears masked on this page and does
    # not match the literal asserted below; as shown the assertion would fail.
    match = {
        'test_term': 'test_value',
        'username': '******'
    }
    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        smtp_cls.return_value = mock.Mock()

        EmailAlerter(rule).alert([match])

        # Index 4 is presumably the sendmail() call (after the constructor,
        # ehlo, has_extn and starttls); its third argument is the message.
        message = smtp_cls.mock_calls[4][1][2]
        subject_lines = [
            text for text in message.split('\n') if text.startswith('Subject')
        ]
        for subject in subject_lines:
            assert 'werbenjagermanjensen' in subject
        # At least one Subject line must have been present.
        assert subject_lines
Exemple #3
def test_email_with_cc_and_bcc():
    """Check recipient handling when the rule sets both `cc` and `bcc`.

    The envelope recipient list passed to `sendmail` is expected to hold all
    five addresses (two `email`, two `cc`, one `bcc`), while the message
    headers are checked for Reply-To, To, CC and From.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'cc': ['*****@*****.**', '*****@*****.**'],
        'bcc': '*****@*****.**'
    }
    # NOTE(review): address literals look masked on this page; the header
    # strings below cannot match the rule values as shown.
    expected_headers = (
        'Reply-To: [email protected]',
        'To: [email protected]',
        'CC: [email protected],[email protected]',
        'From: [email protected]',
    )
    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        smtp_cls.return_value = mock.Mock()

        EmailAlerter(rule).alert([{'test_term': 'test_value'}])

        envelope_recipients = [
            '*****@*****.**', '*****@*****.**', '*****@*****.**',
            '*****@*****.**', '*****@*****.**'
        ]
        expected_calls = [
            mock.call('localhost'),
            mock.call().ehlo(),
            mock.call().has_extn('STARTTLS'),
            mock.call().starttls(certfile=None, keyfile=None),
            mock.call().sendmail(mock.ANY, envelope_recipients, mock.ANY),
            mock.call().quit()
        ]
        assert smtp_cls.mock_calls == expected_calls

        # Entry 4 is the sendmail() call asserted above; argument 2 is the
        # rendered message.
        message = smtp_cls.mock_calls[4][1][2]

        # NOTE(review): nothing here asserts that the bcc address stays out
        # of the message headers; a negative assertion would pin that down.
        for header in expected_headers:
            assert header in message
Exemple #4
def test_email_with_cert_key():
    """Check that client cert/key paths and SMTP credentials are passed on.

    The rule points at a certificate file, a key file and an auth file. The
    auth file is never read from disk: `read_yaml` is patched to return the
    credentials. The expected call list places `login` after `starttls`, so
    the test also pins that ordering for the mocked connection.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'alert_subject': 'Test alert for {0}',
        'alert_subject_args': ['test_term'],
        'smtp_auth_file': 'file.txt',
        'smtp_cert_file': 'dummy/cert.crt',
        'smtp_key_file': 'dummy/client.key',
        'rule_file': '/tmp/foo.yaml'
    }
    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        # Only the alerter's construction runs under the read_yaml patch;
        # alert() is called after that patch has been released.
        with mock.patch('elastalert.alerts.read_yaml') as read_yaml_stub:
            # NOTE(review): these credential values appear masked on this
            # page and do not match the login() arguments expected below.
            read_yaml_stub.return_value = {'user': '******', 'password': '******'}
            smtp_cls.return_value = mock.Mock()
            alerter = EmailAlerter(rule)

        alerter.alert([{'test_term': 'test_value'}])

        starttls_call = mock.call().starttls(certfile='dummy/cert.crt',
                                             keyfile='dummy/client.key')
        sendmail_call = mock.call().sendmail(
            mock.ANY, ['*****@*****.**', '*****@*****.**'], mock.ANY)
        expected_calls = [
            mock.call('localhost'),
            mock.call().ehlo(),
            mock.call().has_extn('STARTTLS'),
            starttls_call,
            mock.call().login('someone', 'hunter2'),
            sendmail_call,
            mock.call().quit()
        ]
        assert smtp_cls.mock_calls == expected_calls
Exemple #5
def test_email_with_args():
    """Check subject/body formatting with `alert_subject_args` and `alert_text_args`.

    The match supplies flat and nested fields (`test.term`, `test.arg3`), one
    referenced field (`test_arg2`) is absent so that `alert_missing_value` is
    used, and a non-ASCII value checks that the body survives encoding.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'alert_subject': 'Test alert for {0} {1}',
        'alert_subject_args': ['test_term', 'test.term'],
        'alert_text': 'Test alert for {0} and {1} {2}',
        'alert_text_args': ['test_arg1', 'test_arg2', 'test.arg3'],
        'alert_missing_value': '<CUSTOM MISSING VALUE>'
    }
    match = {
        'test_term': 'test_value',
        'test_arg1': 'testing',
        'test': {
            'term': ':)',
            'arg3': '☃'
        }
    }
    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        smtp_cls.return_value = mock.Mock()

        EmailAlerter(rule).alert([match])

        sendmail_call = mock.call().sendmail(
            mock.ANY, ['*****@*****.**', '*****@*****.**'], mock.ANY)
        expected_calls = [
            mock.call('localhost'),
            mock.call().ehlo(),
            mock.call().has_extn('STARTTLS'),
            mock.call().starttls(certfile=None, keyfile=None),
            sendmail_call,
            mock.call().quit()
        ]
        assert smtp_cls.mock_calls == expected_calls

        # Entry 4 is the sendmail() call; argument 2 is the full message.
        message = smtp_cls.mock_calls[4][1][2]
        # The payload is the last blank-line-separated section, base64
        # encoded; its final character is dropped before decoding.
        encoded_payload = message.split('\n\n')[-1]
        decoded_text = base64.b64decode(encoded_payload[:-1]).decode('utf-8')

        for fragment in ('testing', '<CUSTOM MISSING VALUE>', '☃'):
            assert fragment in decoded_text

        # NOTE(review): address literals look masked on this page; the
        # address headers below cannot match the rule values as shown.
        for header in ('Reply-To: [email protected]',
                       'To: [email protected]',
                       'From: [email protected]',
                       'Subject: Test alert for test_value :)'):
            assert header in message
Exemple #6
def test_email_from_field(email_from_field, email_add_domain, match_data,
                          expected_data):
    """Check which recipients `sendmail` receives when `email_from_field` is used.

    The four arguments are presumably supplied by a parametrize decorator
    that is not part of this listing. Truthy `email_from_field` and
    `email_add_domain` values replace the defaults in the rule; falsy ones
    leave the defaults in place.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**'],
        'email_add_domain': 'example.com',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_from_field': 'data.user',
        'owner': 'owner_value'
    }
    overrides = {
        'email_from_field': email_from_field,
        'email_add_domain': email_add_domain,
    }
    rule.update({key: value for key, value in overrides.items() if value})

    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        smtp_cls.return_value = mock.Mock()
        EmailAlerter(rule).alert(match_data)
        # Index 4 is presumably the sendmail() call; argument 1 is its
        # recipient list.
        # NOTE(review): these recipients originate from match data, so the
        # parametrized cases are what constrain where alert mail can go; a
        # case with a malformed address value would be a useful addition.
        recipients = smtp_cls.mock_calls[4][1][1]
        assert recipients == expected_data
Exemple #7
def test_email(caplog):
    """Check the default plain-SMTP flow, the message headers and the info log.

    With no `smtp_ssl` in the rule the expected sequence is: connect to
    'localhost', `ehlo`, `has_extn('STARTTLS')`, `starttls`, `sendmail`,
    `quit`. The first captured log record must report the recipients.
    """
    caplog.set_level(logging.INFO)
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'owner': 'owner_value',
        'alert_subject': 'Test alert for {0}, owned by {1}',
        'alert_subject_args': ['test_term', 'owner'],
        'snowman': '☃'
    }
    with mock.patch('elastalert.alerters.email.SMTP') as smtp_cls:
        smtp_cls.return_value = mock.Mock()

        EmailAlerter(rule).alert([{'test_term': 'test_value'}])

        # has_extn() on a Mock returns a truthy Mock, so the recorded flow
        # includes starttls(); the case where the server does not offer
        # STARTTLS is not exercised by this test.
        sendmail_call = mock.call().sendmail(
            mock.ANY, ['*****@*****.**', '*****@*****.**'], mock.ANY)
        expected_calls = [
            mock.call('localhost'),
            mock.call().ehlo(),
            mock.call().has_extn('STARTTLS'),
            mock.call().starttls(certfile=None, keyfile=None),
            sendmail_call,
            mock.call().quit()
        ]
        assert smtp_cls.mock_calls == expected_calls

        # Entry 4 is the sendmail() call; argument 2 is the rendered message.
        message = smtp_cls.mock_calls[4][1][2]

        # NOTE(review): address literals look masked on this page; the
        # address headers below cannot match the rule values as shown.
        for header in (
                'Reply-To: [email protected]',
                'To: [email protected]',
                'From: [email protected]',
                'Subject: Test alert for test_value, owned by owner_value'):
            assert header in message

        expected_record = (
            'elastalert', logging.INFO,
            "Sent email to ['*****@*****.**', '*****@*****.**']"
        )
        assert expected_record == caplog.record_tuples[0]
Exemple #8
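def test_email_smtp_exception():
    """Check that a connection failure surfaces as EAException with a clear message.

    The rule is built outside `pytest.raises` so that only the alerter's
    construction and the `alert()` call can satisfy the expectation, and the
    message is read from the raised exception (`ea.value`) rather than from
    the string form of pytest's ExceptionInfo wrapper.
    """
    rule = {
        'name': 'test alert',
        'email': ['*****@*****.**', '*****@*****.**'],
        'from_addr': '*****@*****.**',
        'type': mock_rule(),
        'timestamp_field': '@timestamp',
        'email_reply_to': '*****@*****.**',
        'alert_subject': 'Test alert for {0}',
        'alert_subject_args': ['test_term'],
        'smtp_auth_file': 'file.txt',
        'rule_file': '/tmp/foo.yaml'
    }
    # NOTE(review): the rule does not set `smtp_ssl`, yet only SMTP_SSL is
    # patched. If the alerter uses plain SMTP here, the failure comes from a
    # real connection attempt to the default host and the outcome depends on
    # the machine running the test -- confirm, and prefer patching SMTP with
    # a side_effect that raises.
    with pytest.raises(EAException) as ea:
        with mock.patch('elastalert.alerters.email.SMTP_SSL'):
            with mock.patch('elastalert.alerts.read_yaml') as mock_read_yaml:
                # Stand-in for the contents of the smtp_auth_file.
                mock_read_yaml.return_value = {
                    'user': '******',
                    'password': '******'
                }
                alert = EmailAlerter(rule)
                alert.alert([{'test_term': 'test_value'}])
    # ea is pytest's ExceptionInfo; the raised exception itself is ea.value.
    assert 'Error connecting to SMTP host: ' in str(ea.value)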