Ejemplo n.º 1
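    def test_parse_ngrams(self):
        """Check the learned model and its save/load round trip.

        The summary in TEST_FILE is ingested and fed to ``self.model.learn``.
        The resulting ``ngrams`` and ``query_details`` are compared with
        fixed expectations. The model is then saved to an in-memory buffer,
        loaded into a fresh ``traffic.TrafficModel``, and compared again.
        """
        # The context manager closes the summary file even if ingestion
        # raises; the original open()/close() pair leaked the handle then.
        with open(TEST_FILE) as summary:
            (conversations, _interval, _duration,
             dns_counts) = traffic.ingest_summaries([summary])
        self.model.learn(conversations, dns_counts)

        # Debugging aid: pprint self.model.ngrams / self.model.query_details
        # here to regenerate the expectations below.
        expected_ngrams = {
            ('-', '-'): ['cldap:3', 'ldap:3'],
            ('-', 'cldap:3'): ['cldap:3'],
            ('-', 'ldap:3'): ['wait:0'],
            ('cldap:3', 'cldap:3'): ['cldap:3', 'wait:0'],
            ('cldap:3', 'wait:0'): ['rpc_netlogon:29'],
            ('kerberos:', 'ldap:3'): ['-'],
            ('ldap:3', 'wait:0'): ['ldap:2'],
            ('rpc_netlogon:29', 'kerberos:'): ['ldap:3'],
            ('wait:0', 'rpc_netlogon:29'): ['kerberos:']
        }

        expected_query_details = {
            'cldap:3': [('', '', '', 'Netlogon', '', '', ''),
                        ('', '', '', 'Netlogon', '', '', ''),
                        ('', '', '', 'Netlogon', '', '', '')],
            'kerberos:': [('', )],
            'ldap:2': [('', '', '', '', '', '', '')],
            'ldap:3':
            [('', '', '', 'subschemaSubentry,dsServiceName,namingContexts,'
              'defaultNamingContext,schemaNamingContext,'
              'configurationNamingContext,rootDomainNamingContext,'
              'supportedControl,supportedLDAPVersion,'
              'supportedLDAPPolicies,supportedSASLMechanisms,'
              'dnsHostName,ldapServiceName,serverName,'
              'supportedCapabilities', '', '', ''),
             ('2', 'DC,DC', '', 'cn', '', '', '')],
            'rpc_netlogon:29': [()]
        }
        # Raise the diff limit so a mismatch prints the whole comparison.
        self.maxDiff = 5000

        # Each value list is sorted before comparing, so the assertions do
        # not depend on the order in which the model collected its entries.
        ngrams = {k: sorted(v) for k, v in self.model.ngrams.items()}
        details = {k: sorted(v)
                   for k, v in self.model.query_details.items()}
        self.assertEqual(expected_ngrams, ngrams)
        self.assertEqual(expected_query_details, details)

        # Round trip through an in-memory buffer rather than a temporary
        # file, so nothing is written to disk.
        buf = StringIO()
        self.model.save(buf)

        model2 = traffic.TrafficModel()
        buf.seek(0)
        model2.load(buf)

        # The reloaded model must match the same expectations.
        ngrams = {k: sorted(v) for k, v in model2.ngrams.items()}
        details = {k: sorted(v) for k, v in model2.query_details.items()}
        self.assertEqual(expected_ngrams, ngrams)
        self.assertEqual(expected_query_details, details)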
Ejemplo n.º 2
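    def test_parse_ngrams(self):
        """Check the learned model and its save/load round trip.

        The summary in TEST_FILE is ingested and fed to ``self.model.learn``.
        The model's ``ngrams`` and ``query_details`` are compared with fixed
        expectations, both before and after the model is saved to an
        in-memory buffer and loaded into a fresh ``traffic.TrafficModel``.
        """
        def normalised(mapping):
            # Sort every value list so comparisons ignore entry order.
            return {key: sorted(values) for key, values in mapping.items()}

        # Close the summary file even if ingestion raises; the original
        # open()/close() pair leaked the handle on that path.
        with open(TEST_FILE) as summary:
            (conversations,
             _interval,
             _duration,
             dns_counts) = traffic.ingest_summaries([summary])
        self.model.learn(conversations, dns_counts)

        # Debugging aid: pprint self.model.ngrams / self.model.query_details
        # here to regenerate the expectations below.
        expected_ngrams = {
            ('-', '-'): ['cldap:3', 'ldap:3'],
            ('-', 'cldap:3'): ['cldap:3'],
            ('-', 'ldap:3'): ['wait:0'],
            ('cldap:3', 'cldap:3'): ['cldap:3', 'wait:0'],
            ('cldap:3', 'wait:0'): ['rpc_netlogon:29'],
            ('kerberos:', 'ldap:3'): ['-'],
            ('ldap:3', 'wait:0'): ['ldap:2'],
            ('rpc_netlogon:29', 'kerberos:'): ['ldap:3'],
            ('wait:0', 'rpc_netlogon:29'): ['kerberos:']
        }

        expected_query_details = {
            'cldap:3': [('', '', '', 'Netlogon', '', '', ''),
                        ('', '', '', 'Netlogon', '', '', ''),
                        ('', '', '', 'Netlogon', '', '', '')],
            'kerberos:': [('',)],
            'ldap:2': [('', '', '', '', '', '', '')],
            'ldap:3': [('',
                        '',
                        '',
                        'subschemaSubentry,dsServiceName,namingContexts,'
                        'defaultNamingContext,schemaNamingContext,'
                        'configurationNamingContext,rootDomainNamingContext,'
                        'supportedControl,supportedLDAPVersion,'
                        'supportedLDAPPolicies,supportedSASLMechanisms,'
                        'dnsHostName,ldapServiceName,serverName,'
                        'supportedCapabilities',
                        '',
                        '',
                        ''),
                       ('2', 'DC,DC', '', 'cn', '', '', '')],
            'rpc_netlogon:29': [()]
        }
        # Raise the diff limit so a mismatch prints the whole comparison.
        self.maxDiff = 5000

        self.assertEqual(expected_ngrams, normalised(self.model.ngrams))
        self.assertEqual(expected_query_details,
                         normalised(self.model.query_details))

        # Round trip through an in-memory buffer rather than a temporary
        # file, so nothing is written to disk.
        buf = StringIO()
        self.model.save(buf)

        model2 = traffic.TrafficModel()
        buf.seek(0)
        model2.load(buf)

        # Normalise the reloaded model the same way as the learned one; the
        # original compared model2's raw lists, so this half of the test
        # depended on the order load() happened to restore them in.
        self.assertEqual(expected_ngrams, normalised(model2.ngrams))
        self.assertEqual(expected_query_details,
                         normalised(model2.query_details))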