def test_get_elementvalue_getroot(self): root = Element("root") child1 = SubElement(root, "child1") root.text = "Text" expected_result = root.text result = get_elementvalue(root, ".", True) self.assertEqual(expected_result, result)
def get_port_from_idmef(self, device, tag_converted): """ Get port or portlist from IDMEF :param device: specific IDMEF source or target element :param tag_converted: boolean, which says if port (portlist should be tag as converted :return: list of ports, which was retrieved from portlist or port element """ ports = get_elementvalues(device, "Service/port", tag_converted) if not ports: portlist = get_elementvalue(device, "Service/portlist", tag_converted) if portlist: portlist_items = portlist.split(",") for portlist_item in portlist_items: portlist_item = portlist_item.replace(" ", "") if "-" in portlist_item: range_borders = portlist_item.split("-") # here if range borders has count not 2, throw an exception port_inside_range = int(range_borders[0]) up_border = int(range_borders[1]) while port_inside_range <= up_border: ports.append(port_inside_range) port_inside_range += 1 else: ports.append(int(portlist_item)) else: ports = [int(port) for port in ports] return ports
def test_get_elementvalue_getlistelement_from_parent(self): root = Element("root") child1 = SubElement(root, "child1") child1.set("attr", "attr") child1.text = "Value2" child11 = SubElement(child1, "child11") child111 = SubElement(child11, "child111") child111.text = "Value" child1111 = SubElement(child111, "child1111") child1111.set("attrib", "attrib") expected_result = child111.text result = get_elementvalue(child11, "child111", True) self.assertEqual(expected_result, result)
def save_confidence(self, alert, idea_dict, tag_converted): """ Converts confidence from IDMEF alert to IDEA message :param alert: input IDMEF alert element :param idea_dict: dict, where converted IDEA is saved :param tag_converted: boolean, which says if confidence should be tag as converted """ confidence_element = alert.find("Assessment/Confidence") if confidence_element is not None: rating_attr = confidence_element.get("rating", None) if rating_attr == "numeric": save_value_to_dict( idea_dict, "Confidence", get_elementvalue(confidence_element, ".", tag_converted))
def test_get_elementvalue_same_elements(self): root = Element("root") child1 = SubElement(root, "child1") child1.set("attr", "attr") child1.text = "Value2" child11 = SubElement(child1, "child11") child111 = SubElement(child11, "child111") child111.text = "Value" child1111 = SubElement(child111, "child1111") child1111.set("attrib", "attrib") child2 = SubElement(root, "child1") child2.set("attr", "attr") child2.text = "Different" expected_result = child1.text result = get_elementvalue(root, "child1", True) self.assertEqual(expected_result, result)
def save_time(self, idea_dict, parent_element, time_element_tag, idea_key): """ Save specific time (CreateTime or DetectTime) to IDEA from IDMEF :param idea_dict: dict, where converted IDEA is saved :param parent_element: parent element of time element :param time_element_tag: tag of specific time element, in this case CreateTime or DetectTime :param idea_key: key, where converted time will be saved in dictionary """ time_element = parent_element.find(time_element_tag) ntp_attribute = get_elementattribute(time_element, ".", "ntpstamp", tag_converted=True, default_value=None) if ntp_attribute is not None: save_value_to_dict(idea_dict, idea_key, ntp_attribute) else: save_value_to_dict( idea_dict, idea_key, get_elementvalue(time_element, ".", tag_converted=True))