def test_analyze_mult_missing(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
Multiple heartbeats with "missing" status.
"""
view = agents_fixtures
analyzer_id = '123456'
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
idmef = create_heartbeat(idmef_id,
heartbeat_date='2013-01-01 10:09:08',
status='Online',
analyzer_id=analyzer_id)
idmef_2 = create_heartbeat(idmef_id_2,
heartbeat_date='2013-12-11 10:19:08',
status='Online',
analyzer_id=analyzer_id)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
assert view.render(analyzer_id)
# clean
delete_heartbeat(idmef_id)
delete_heartbeat(idmef_id_2)
def test_analyze_mult_exiting(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
Multiple heartbeats with "exiting" status.
"""
view = agents_fixtures
analyzer_id = '123456'
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
idmef = create_heartbeat(idmef_id,
status='exiting',
analyzer_id=analyzer_id)
idmef_2 = create_heartbeat(idmef_id_2,
status='exiting',
analyzer_id=analyzer_id)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
assert view.render(analyzer_id)
# clean
delete_heartbeat(idmef_id)
delete_heartbeat(idmef_id_2)
def test_analyze_mult_run_unexint(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
Multiple heartbeats with "running" status but unexpected interval between 2 heartbeats.
"""
view = agents_fixtures
analyzer_id = '123456'
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
current_date = datetime.now()
previous_date = current_date - timedelta(seconds=600)
idmef = create_heartbeat(
idmef_id,
status='running',
heartbeat_date=current_date.strftime('%Y-%m-%d %H:%M:%S'),
analyzer_id=analyzer_id,
heartbeat_interval=599)
idmef_2 = create_heartbeat(
idmef_id_2,
status='running',
heartbeat_date=previous_date.strftime('%Y-%m-%d %H:%M:%S'),
analyzer_id=analyzer_id,
heartbeat_interval=599)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
assert view.render(analyzer_id)
# clean
delete_heartbeat(idmef_id)
delete_heartbeat(idmef_id_2)
def test_delete_heartbeat_multiple(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.delete` view.
Type(s): Heartbeat (x2)
"""
view = agents_fixtures
backup_parameters = deepcopy(env.request.parameters)
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
idmef = create_heartbeat(idmef_id)
idmef_2 = create_heartbeat(idmef_id_2)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
env.request.parameters['types'] = ['heartbeat']
env.request.parameters['id'] = [
idmef_id.replace('-', ''),
idmef_id_2.replace('-', '')
]
assert len(get_heartbeat(idmef_id)) == 1
assert len(get_heartbeat(idmef_id_2)) == 1
assert view.render()
assert len(get_heartbeat(idmef_id)) == 0
assert len(get_heartbeat(idmef_id_2)) == 0
# clean
env.request.parameters = backup_parameters
def test_analyze_mult_no_interval(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
Multiple heartbeats without `heartbeat.heartbeat_interval`.
"""
view = agents_fixtures
analyzer_id = '123456'
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
idmef = create_heartbeat(idmef_id,
heartbeat_interval=None,
status='Online',
analyzer_id=analyzer_id)
idmef_2 = create_heartbeat(idmef_id_2,
heartbeat_interval=None,
status='Online',
analyzer_id=analyzer_id)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
assert view.render(analyzer_id)
# clean
delete_heartbeat(idmef_id)
delete_heartbeat(idmef_id_2)
def test_delete_alert_and_heartbeat(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.delete` view.
Type(s): Alert (x2, one deleted and one not deleted) + Heartbeat (x1)
"""
view = agents_fixtures
backup_parameters = deepcopy(env.request.parameters)
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145' # not deleted
idmef_id_3 = '01123581-3213-4558-91456'
idmef = create_alert(idmef_id)
idmef_2 = create_alert(idmef_id_2)
idmef_3 = create_heartbeat(idmef_id_3)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
env.idmef_db.insert(idmef_3)
env.request.parameters['types'] = ['alert', 'heartbeat']
env.request.parameters['id'] = [
idmef_id.replace('-', ''),
idmef_id_3.replace('-', '')
]
assert len(get_alert(idmef_id)) == 1
assert len(get_alert(idmef_id_2)) == 1
assert len(get_heartbeat(idmef_id_3)) == 1
assert view.render()
assert len(get_alert(idmef_id)) == 0
assert len(get_alert(idmef_id_2)) == 1
assert len(get_heartbeat(idmef_id_3)) == 0
# clean
env.request.parameters = backup_parameters
def messagesummary_fixtures(request):
"""
Fixture for messagesummary tests.
:return: view for messagesummary.
:rtype: prewikka.view.View
"""
backup_parameters = deepcopy(env.request.parameters)
view = load_view_for_fixtures(request.param)
view.process_parameters()
heartbeat = create_heartbeat(_heartbeat_id)
env.dataprovider._backends["heartbeat"]._db.insert(heartbeat)
alert = create_alert(_alert_id)
env.dataprovider._backends["alert"]._db.insert(alert)
correlation_alert = create_correlation_alert(_correlation_alert_id,
'correlation_alert_1',
_alert_id)
env.dataprovider._backends["alert"]._db.insert(correlation_alert)
def tear_down():
"""
TearDown
"""
env.request.parameters = backup_parameters
env.dataprovider._backends["alert"]._db.remove('alert.messageid')
request.addfinalizer(tear_down)
return view
def test_analyze_mult_no_status(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
Multiple heartbeats without `additional_data('Analyzer status')`.
"""
view = agents_fixtures
analyzer_id = '123456'
idmef_id = '01123581-3213-4558-9144'
idmef_id_2 = '01123581-3213-4558-9145'
idmef = create_heartbeat(idmef_id, analyzer_id=analyzer_id)
idmef_2 = create_heartbeat(idmef_id_2, analyzer_id=analyzer_id)
env.idmef_db.insert(idmef)
env.idmef_db.insert(idmef_2)
assert view.render(analyzer_id)
# clean
delete_heartbeat(idmef_id)
delete_heartbeat(idmef_id_2)
def test_agents(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.agents` view.
"""
view = agents_fixtures
idmef = create_heartbeat('01123581-3213-4558-9144')
env.idmef_db.insert(idmef)
assert view.render()
# clean
delete_heartbeat('01123581-3213-4558-9144')
def test_analyze(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.analyze` view.
"""
view = agents_fixtures
idmef_id = '01123581-3213-4558-9144'
idmef = create_heartbeat(idmef_id)
env.idmef_db.insert(idmef)
assert view.render(idmef_id.replace('-', ''))
# clean
delete_heartbeat(idmef_id)
def test_get_analyzer_status():
"""
Test `prewikka.utils.misc.get_analyzer_status_from_latest_heartbeat()`.
"""
heartbeat_id = 'NqnYbirynpr'
idmef_db = env.dataprovider._backends["alert"]._db
criteria = Criterion('heartbeat.messageid', '=', heartbeat_id)
heartbeats = [
(create_heartbeat(heartbeat_id, status='exiting'), 'offline'),
(create_heartbeat(heartbeat_id, heartbeat_interval=None), 'unknown'),
(create_heartbeat(heartbeat_id,
heartbeat_date='1991-08-25 20:57:08'), 'missing'),
(create_heartbeat(heartbeat_id), 'online')
]
for idmef, expected_status in heartbeats:
idmef_db.insert(idmef)
heartbeat = env.dataprovider.get(criteria)[0]['heartbeat']
status = misc.get_analyzer_status_from_latest_heartbeat(heartbeat, 0)
assert status[0] == expected_status
delete_heartbeat(heartbeat_id)
def test_agents_status_unknown(agents_fixtures):
"""
Test `prewikka.views.agents.agents.Agents.agents` view.
"""
view = agents_fixtures
backup_parameters = deepcopy(env.request.parameters)
idmef = create_heartbeat('01123581-3213-4558-9144', status='online')
env.idmef_db.insert(idmef)
env.request.parameters['status'] = ['unknown']
assert view.render()
# clean
delete_heartbeat('01123581-3213-4558-9144')
env.request.parameters = backup_parameters
