def test_run_with_alert(self, extract_mock, rules_mock):
"""StreamAlert Class - Run, With Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = ['success!!']
passed = self.__sa_handler.run(get_valid_event())
assert_true(passed)
def test_run_debug_log_alert(self, extract_mock, rules_mock, alerts_mock, log_mock):
"""StreamAlert Class - Run, Debug Log Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = ([Alert('rule_name', {}, {'output'})], ['normalized_records'])
alerts_mock.return_value = []
with patch.object(handler, 'LOGGER_DEBUG_ENABLED', True):
self.__sa_handler.run(get_valid_event())
log_mock.assert_called_with('Alerts:\n%s', ANY)
def test_run_no_alerts(self, extract_mock, log_mock):
"""StreamAlert Class - Run, With No Alerts"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
self.__sa_handler.run(get_valid_event())
calls = [call('Processed %d valid record(s) that resulted in %d alert(s).', 1, 0),
call('Invalid record count: %d', 0),
call('%s alerts triggered', 0)]
log_mock.assert_has_calls(calls)
def test_run_send_alerts(self, extract_mock, rules_mock, forwarder_mock):
"""StreamAlert Class - Run, Send Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = (['success!!'], ['normalized_records'])
# Swap out the alias so the logging occurs
self.__sa_handler.env['qualifier'] = 'production'
self.__sa_handler.run(get_valid_event())
forwarder_mock.assert_called_with(['success!!'])
def test_run_send_alerts(self, extract_mock, rules_mock, sink_mock):
"""StreamAlert Class - Run, Send Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = ['success!!']
# Set send_alerts to true so the sink happens
self.__sa_handler.enable_alert_processor = True
# Swap out the alias so the logging occurs
self.__sa_handler.env['lambda_alias'] = 'production'
self.__sa_handler.run(get_valid_event())
sink_mock.assert_called_with(['success!!'])
def test_run_invalid_data(self, extract_mock, log_mock):
"""StreamAlert Class - Run, Invalid Data"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
event = get_valid_event()
# Replace the good log data with bad data
event['Records'][0]['kinesis']['data'] = base64.b64encode(
'{"bad": "data"}')
# Swap out the alias so the logging occurs
self.__sa_handler.env['lambda_alias'] = 'production'
self.__sa_handler.run(event)
assert_equal(log_mock.call_args[0][0],
'Record does not match any defined schemas: %s\n%s')
assert_equal(log_mock.call_args[0][2], '{"bad": "data"}')
def test_run_debug_log_alert(self, extract_mock, rules_mock, log_mock):
"""StreamAlert Class - Run, Debug Log Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = ['success!!']
# Cache the logger level
log_level = LOGGER.getEffectiveLevel()
# Increase the logger level to debug
LOGGER.setLevel(logging.DEBUG)
self.__sa_handler.run(get_valid_event())
# Reset the logger level
LOGGER.setLevel(log_level)
log_mock.assert_called_with('Alerts:\n%s', '[\n "success!!"\n]')
def test_run_debug_log_alert(self, extract_mock, rules_mock, alerts_mock,
log_mock):
"""StreamAlert Class - Run, Debug Log Alert"""
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
rules_mock.return_value = ([Alert('rule_name', {},
{'output'})], ['normalized_records'])
alerts_mock.return_value = []
# Cache the logger level
log_level = LOGGER.getEffectiveLevel()
# Increase the logger level to debug
LOGGER.setLevel(logging.DEBUG)
self.__sa_handler.run(get_valid_event())
# Reset the logger level
LOGGER.setLevel(log_level)
log_mock.assert_called_with('Alerts:\n%s', ANY)
def test_run_alert_count(self, extract_mock):
"""StreamAlert Class - Run, Check Count With 4 Logs"""
count = 4
extract_mock.return_value = ('kinesis', 'unit_test_default_stream')
self.__sa_handler.run(get_valid_event(count))
assert_equal(self.__sa_handler._processed_record_count, count)
