def test_syscheck_clear_exception(wdb_close_mock, execute_mock, wdb_init_mock, agent_list, expected_result,
                                  agent_info_list, agent_version, expected_version_errcode):
    """Check the failure report produced by `syscheck.clear` when it cannot clear the agents.

    Parameters
    ----------
    wdb_close_mock, execute_mock, wdb_init_mock
        Mock objects handed to the test (presumably by `patch` decorators outside this view);
        the body does not reference them.
    agent_list : list
        List of agent IDs passed to `clear`.
    expected_result : dict
        Expected values, read under the keys 'affected_items', 'total_affected_items',
        'failed_items' and 'total_failed_items'.
    agent_info_list : list
        List of agent IDs that `syscheck.get_agents_info` will return (as a set) when mocked.
    agent_version
        Version reported for every agent by the mocked `WazuhDBQueryAgents` query.
    expected_version_errcode
        Value expected in the `code` attribute of the first key of `result.failed_items`.
    """
    # One entry per known agent, all of them reporting the parametrized version.
    mocked_agents = {'items': [{'id': ag_id, 'version': agent_version} for ag_id in agent_info_list]}

    with patch('wazuh.syscheck.get_agents_info', return_value=set(agent_info_list)):
        with patch('wazuh.syscheck.WazuhDBQueryAgents') as mock_wdbqa:
            mock_wdbqa.return_value.run.return_value = mocked_agents

            result = clear(agent_list=agent_list)

            # failed_items is keyed by the error object, so its first key carries the code.
            first_error = next(iter(result.failed_items))
            assert expected_version_errcode == first_error.code

            assert isinstance(result, AffectedItemsWazuhResult)
            assert result.affected_items == expected_result['affected_items']
            assert result.total_affected_items == expected_result['total_affected_items']
            if result.failed_items:
                first_failed_group = next(iter(result.failed_items.values()))
                assert first_failed_group == expected_result['failed_items']
            assert result.total_failed_items == expected_result['total_failed_items']
def test_syscheck_clear_exception(execute_mock, wdb_init_mock, agent_list, expected_result, agent_info_list):
    """Check the result returned by `syscheck.clear` when the operation is forced to fail.

    Parameters
    ----------
    execute_mock, wdb_init_mock
        Mock objects handed to the test (presumably by `patch` decorators outside this view);
        the body does not reference them.
    agent_list : list
        List of agent IDs passed to `clear`.
    expected_result : dict
        Expected values, read under the keys 'affected_items', 'total_affected_items',
        'failed_items' and 'total_failed_items'.
    agent_info_list : list
        List of agent IDs that `syscheck.get_agents_info` will return when mocked.
    """
    agents_info_patch = patch('wazuh.syscheck.get_agents_info', return_value=agent_info_list)

    with agents_info_patch:
        outcome = clear(agent_list=agent_list)

        assert isinstance(outcome, AffectedItemsWazuhResult)

        # Items that were cleared successfully.
        assert outcome.affected_items == expected_result['affected_items']
        assert outcome.total_affected_items == expected_result['total_affected_items']

        # Items that failed: only the first group of failed IDs is compared, and only when there is one.
        if outcome.failed_items:
            first_failed_group = next(iter(outcome.failed_items.values()))
            assert first_failed_group == expected_result['failed_items']
        assert outcome.total_failed_items == expected_result['total_failed_items']
def test_clear(mock_all_agents, mock_info, mock_wbd_conn, agent_id, all_agents):
    """Check that `clear` returns a string for the given agent selection.

    The three ``mock_*`` parameters are not referenced in the body; they are
    presumably injected by `patch` decorators that are outside this view.
    """
    assert isinstance(clear(agent_id, all_agents), str)
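def found_terminator(self):
    """Handle one complete cluster request and queue the JSON reply.

    The chunks buffered in ``self.received_data`` are joined. The first
    ``common.cluster_sync_msg_size`` bytes are decrypted into a space-separated
    command line, stored in ``self.command``; the remaining bytes are decrypted
    as the payload of that command when the command uses one. The command is
    checked with ``check_cluster_cmd`` and then dispatched. The reply
    ``{'error': 0 or 1, 'data': <result>}`` is serialised into ``self.data``
    and ``self.handle_write()`` is called.

    Changes with respect to the previous version of this method:

    * a command that passes ``check_cluster_cmd`` but matches no branch now
      yields an error reply instead of failing on an unbound ``res``;
    * a ``MASTER_FORW`` payload that names no known request type now yields an
      error reply instead of failing on an unbound ``request_type``;
    * the dead ``res = args`` assignments in the rootcheck branches are gone.

    Review notes (security):

    * Every value parsed below comes from the peer. A successful decrypt only
      shows the sender holds the cluster key (assuming ``self.f`` is an
      authenticated cipher such as Fernet; confirm), so a misbehaving node can
      still send any argument it likes.
    * ``ast.literal_eval`` does not execute code, but it returns whatever
      literal the peer sent (list, dict, very large number...). Neither the
      number of arguments nor their types are validated here, so a malformed
      message raises IndexError/ValueError/SyntaxError out of this method.
    * Three branches catch ``Exception`` and return ``str(e)`` with
      ``error == 0``, so the requester cannot tell such a failure from a
      normal result by the error flag alone.
    """
    response = b''.join(self.received_data)
    header_size = common.cluster_sync_msg_size

    def payload():
        # Everything after the fixed-size command header, decrypted.
        return self.f.decrypt(response[header_size:])

    def payload_args():
        # NOTE(review): the command header and the 'data' payload are .decode()d
        # before use, but this payload is split exactly as decrypt() returns it.
        # If decrypt() returns bytes (Python 3), split(" ") raises TypeError.
        # Confirm which interpreter this module targets.
        return payload().split(" ")

    def cluster_depth():
        # Second token of the command line, decremented by one for the callee.
        return ast.literal_eval(self.command[1]) - 1

    def agents_and_flag():
        # The payload is either "<agents> <flag>" or just "<flag>".
        args = payload_args()
        if len(args) == 2:
            return args[0], ast.literal_eval(args[1])
        return None, ast.literal_eval(args[0])

    def paged_query():
        # The payload is "[<agents>] <offset> <limit> <sort> <search>".
        args = payload_args()
        agents = None
        first = 0
        if len(args) == 5:
            agents = args[0]
            first = 1
        offset = ast.literal_eval(args[first])
        limit = ast.literal_eval(args[first + 1])
        sort = ast.literal_eval(args[first + 2])
        search = ast.literal_eval(args[first + 3])
        return agents, offset, limit, sort, search

    error = 0
    cmd = self.f.decrypt(response[:header_size]).decode()
    self.command = cmd.split(" ")
    logging.debug("Command received: {0}".format(self.command))
    name = self.command[0]

    if not check_cluster_cmd(self.command, self.node_type):
        logging.error("Received invalid cluster command {0} from {1}".format(name, self.addr))
        error = 1
        res = "Received invalid cluster command {0}".format(name)

    # --- cluster synchronisation -------------------------------------------
    elif name == list_requests_cluster['node']:
        res = get_node()
    elif name == list_requests_cluster['zip']:
        # NOTE(review): the archive content is chosen by the peer. Confirm that
        # extract_zip refuses entries that resolve outside its destination.
        res = extract_zip(payload())
        self.restart = res['restart']

    # --- agents ------------------------------------------------------------
    elif name == list_requests_agents['RESTART_AGENTS']:
        agents, restart_all = agents_and_flag()
        if agents is not None:
            agents = agents.split("-")
        res = Agent.restart_agents(agents, restart_all, cluster_depth())
    elif name == list_requests_agents['AGENTS_UPGRADE_RESULT']:
        args = payload_args()
        try:
            # The timeout is forwarded as received, i.e. still a string.
            res = Agent.get_upgrade_result(args[0], args[1])
        except Exception as e:
            res = str(e)
    elif name == list_requests_agents['AGENTS_UPGRADE']:
        args = payload_args()
        agent_id = args[0]
        wpk_repo = ast.literal_eval(args[1])
        version = ast.literal_eval(args[2])
        force = ast.literal_eval(args[3])
        chunk_size = ast.literal_eval(args[4])
        try:
            res = Agent.upgrade_agent(agent_id, wpk_repo, version, force, chunk_size)
        except Exception as e:
            res = str(e)
    elif name == list_requests_agents['AGENTS_UPGRADE_CUSTOM']:
        args = payload_args()
        agent_id = args[0]
        # NOTE(review): file_path and installer are peer-supplied and forwarded
        # unchanged. Confirm that upgrade_agent_custom validates them.
        file_path = ast.literal_eval(args[1])
        installer = ast.literal_eval(args[2])
        try:
            res = Agent.upgrade_agent_custom(agent_id, file_path, installer)
        except Exception as e:
            res = str(e)

    # --- syscheck ----------------------------------------------------------
    elif name == list_requests_syscheck['SYSCHECK_LAST_SCAN']:
        res = syscheck.last_scan(payload_args()[0])
    elif name == list_requests_syscheck['SYSCHECK_RUN']:
        agents, all_agents = agents_and_flag()
        res = syscheck.run(agents, all_agents, cluster_depth())
    elif name == list_requests_syscheck['SYSCHECK_CLEAR']:
        agents, all_agents = agents_and_flag()
        res = syscheck.clear(agents, all_agents, cluster_depth())

    # --- rootcheck ---------------------------------------------------------
    elif name == list_requests_rootcheck['ROOTCHECK_PCI']:
        agents, offset, limit, sort, search = paged_query()
        res = rootcheck.get_pci(agents, offset, limit, sort, search)
    elif name == list_requests_rootcheck['ROOTCHECK_CIS']:
        agents, offset, limit, sort, search = paged_query()
        res = rootcheck.get_cis(agents, offset, limit, sort, search)
    elif name == list_requests_rootcheck['ROOTCHECK_LAST_SCAN']:
        res = rootcheck.last_scan(payload_args()[0])
    elif name == list_requests_rootcheck['ROOTCHECK_RUN']:
        agents, all_agents = agents_and_flag()
        res = rootcheck.run(agents, all_agents, cluster_depth())
    elif name == list_requests_rootcheck['ROOTCHECK_CLEAR']:
        agents, all_agents = agents_and_flag()
        res = rootcheck.clear(agents, all_agents, cluster_depth())

    # --- managers ----------------------------------------------------------
    # Several branches below ignore the payload; it is still decrypted and
    # split so that those steps run exactly as they did before.
    elif name == list_requests_managers['MANAGERS_STATUS']:
        payload_args()
        res = manager.managers_status(cluster_depth=cluster_depth())
    elif name == list_requests_managers['MANAGERS_LOGS']:
        args = payload_args()
        depth = cluster_depth()
        res = manager.managers_ossec_log(type_log=args[0],
                                         category=args[1],
                                         months=ast.literal_eval(args[2]),
                                         offset=ast.literal_eval(args[3]),
                                         limit=ast.literal_eval(args[4]),
                                         sort=ast.literal_eval(args[5]),
                                         search=ast.literal_eval(args[6]),
                                         cluster_depth=depth)
    elif name == list_requests_managers['MANAGERS_LOGS_SUMMARY']:
        args = payload_args()
        depth = cluster_depth()
        res = manager.managers_ossec_log_summary(months=ast.literal_eval(args[0]),
                                                 cluster_depth=depth)
    elif name == list_requests_managers['MANAGERS_STATS_TOTALS']:
        args = payload_args()
        depth = cluster_depth()
        res = stats.totals(year=ast.literal_eval(args[0]),
                           month=ast.literal_eval(args[1]),
                           day=ast.literal_eval(args[2]),
                           cluster_depth=depth)
    elif name == list_requests_managers['MANAGERS_STATS_HOURLY']:
        payload_args()
        res = stats.hourly(cluster_depth=cluster_depth())
    elif name == list_requests_managers['MANAGERS_STATS_WEEKLY']:
        payload_args()
        res = stats.weekly(cluster_depth=cluster_depth())
    elif name == list_requests_managers['MANAGERS_OSSEC_CONF']:
        args = payload_args()
        depth = cluster_depth()
        res = manager.managers_get_ossec_conf(section=args[0],
                                              field=ast.literal_eval(args[1]),
                                              cluster_depth=depth)
    elif name == list_requests_managers['MANAGERS_INFO']:
        payload_args()
        res = myWazuh.managers_get_ossec_init(cluster_depth=cluster_depth())

    # --- cluster control ---------------------------------------------------
    elif name == list_requests_cluster['CLUSTER_CONFIG']:
        payload_args()
        res = get_config_distributed(cluster_depth=cluster_depth())
    elif name == list_requests_cluster['MASTER_FORW']:
        # The payload is "<request> [args...]" or "<agents> <request> [args...]".
        args = payload_args()
        known_requests = all_list_requests.values()
        request_type = None
        agent_id = None
        args_list = []
        if args[0] in known_requests:
            request_type = args[0]
            args_list = args[1:]
        elif len(args) > 1 and args[1] in known_requests:
            agent_id = args[0].split("-")
            request_type = args[1]
            args_list = args[2:]

        if request_type is None:
            # Previously this fell through to the call below with request_type
            # unbound; answer with an explicit error instead.
            logging.error("Received invalid forwarded request from {0}".format(self.addr))
            error = 1
            res = "Received invalid forwarded request"
        else:
            res = distributed_api_request(request_type=request_type,
                                          agent_id=agent_id,
                                          args=args_list,
                                          cluster_depth=1,
                                          affected_nodes=None,
                                          from_cluster=True)
    elif name == list_requests_cluster['ready']:
        res = "Starting to sync client's files"
        # Signal the independent process that "crontabs" the sync interval.
        kill(child_pid, SIGUSR1)
    elif name == list_requests_cluster['data']:
        res = "Saving data from actual master"
        actual_master_data = json.loads(payload().decode())
        if save_actual_master_data_on_db(actual_master_data):
            restart_manager()
    else:
        # The command passed check_cluster_cmd but has no handler here.
        # Previously `res` stayed unbound and json.dumps below failed.
        logging.error("Received invalid cluster command {0} from {1}".format(name, self.addr))
        error = 1
        res = "Received invalid cluster command {0}".format(name)

    if error == 0:
        logging.debug("Command {0} executed for {1}".format(name, self.addr))

    self.data = json.dumps({'error': error, 'data': res})
    self.handle_write()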