def main():
    """Entry point for the NDR ingest daemon.

    Configures root logging, loads the server configuration from the fixed
    system path and runs the ingest server in the foreground until it
    returns.
    """
    logging.basicConfig(format='%(asctime)s %(levelname)s %(message)s')
    logger = logging.getLogger(name=__name__)
    # The whole daemon logs at DEBUG. NOTE(review): the ingest path handles
    # messages from remote clients; confirm nothing from their payloads is
    # echoed at this level before running with DEBUG in production.
    logger.setLevel(logging.DEBUG)

    config_path = "/etc/ndr/ndr_server.yml"
    server_config = ndr_server.Config(logger, config_path)
    ndr_server.IngestServer(server_config).start_server()
    def ingest_file(self, filename):
        '''Feed the contents of ``filename`` through the ingest server as one message.

        Args:
            filename: path of the fixture to read as text and hand to
                ``process_ingest_message`` together with the test
                database connection and recorder.
        '''
        with open(filename, 'r') as fixture:
            message_text = fixture.read()

        # A fresh server per call so every test starts from the shared
        # config only and carries no state from a previous ingest.
        server = ndr_server.IngestServer(self._nsc)
        server.process_ingest_message(self._db_connection,
                                      self._recorder,
                                      message_text)
    def test_incoming_directories_creation(self):
        '''Confirms that prep_ingest_directories() creates every directory the server processes messages through'''
        server = ndr_server.IngestServer(self._nsc)
        server.prep_ingest_directories()

        # Existence only is asserted here. NOTE(review): the incoming directory
        # receives client-supplied data, so the ownership and mode that
        # prep_ingest_directories() applies should be pinned by a test too —
        # confirm what it sets.
        expected_directories = (
            self._nsc.accepted_directory,
            self._nsc.incoming_directory,
            self._nsc.reject_directory,
            self._nsc.error_directory,
            self._nsc.enrollment_directory,
        )
        for directory in expected_directories:
            self.assertTrue(os.path.isdir(directory))
    def test_alert_msg(self):
        '''Tests that the alert msg template is sane'''
        with open(ALERT_MSG, 'r') as fixture:
            message_text = fixture.read()

        server = ndr_server.IngestServer(self._nsc)
        server.process_ingest_message(self._db_connection,
                                      self._recorder,
                                      message_text)

        # The rendered alert is delivered to the test contact as a file;
        # read it back to inspect what the template produced.
        with open(self._test_contact, 'r') as delivered:
            alert_text = delivered.read()

        # The template must render something at all ...
        self.assertNotEqual("", alert_text)

        # ... and carry the signature line that identifies the detection.
        expected_signature = (
            "[1:42130:1] BLACKLIST DNS request for known malware domain")
        self.assertIn(expected_signature, alert_text)