Python fetch_incidents 예제들

예제 #1

파일: CyberArkPAS_test.py 프로젝트: znuf/content

def test_fetch_incidents_with_specific_score(mocker):
    """Unit test
        Given
        - demisto params
        - raw response of the http request
        When
        - mock the http request result while the result is 15 incidents and we only wish to see 5
        Then
        - validate the incidents values, make sure make sure that there are only 5 incidents and that there
         are the oldest
        """
    mocker.patch.object(Client, '_generate_token')
    client = Client(server_url="https://api.cyberark.com/",
                    username="******",
                    password="******",
                    use_ssl=False,
                    proxy=False,
                    max_fetch=10)

    mocker.patch.object(
        Client,
        '_http_request',
        return_value=GET_SECURITY_EVENTS_WITH_15_INCIDENT_RAW_RESPONSE)
    _, incidents = fetch_incidents(client, {},
                                   "3 days",
                                   score="50",
                                   max_fetch="10")
    assert len(incidents) == 3
    assert incidents == INCIDENTS_FILTERED_BY_SCORE

예제 #2

파일: CyberArkPAS_test.py 프로젝트: znuf/content

def test_fetch_incidents_with_an_incident_that_was_shown_before(mocker):
    """Unit test
        Given
        - demisto params
        - raw response of the http request
        When
        - mock the http request result while one of the incidents was shown in the previous run
        Then
        - validate the incidents values, make sure the event that was shown before is not in
        the incidents again
        """
    mocker.patch.object(Client, '_generate_token')
    client = Client(server_url="https://api.cyberark.com/",
                    username="******",
                    password="******",
                    use_ssl=False,
                    proxy=False,
                    max_fetch=50)

    mocker.patch.object(
        Client,
        '_http_request',
        return_value=GET_SECURITY_EVENTS_WITH_UNNECESSARY_INCIDENT_RAW_RESPONSE
    )
    # the last run dict is the same we would have got if we run the prev test before
    last_run = {
        'time':
        1594573600000,
        'last_event_ids':
        '["5f0b3064e4b0ba4baf5c1113", "5f0b4320e4b0ba4baf5c2b05"]'
    }
    _, incidents = fetch_incidents(client, last_run, "3 days", "0", "1")
    assert incidents == INCIDENTS_AFTER_FETCH

예제 #3

def test_fetch_incidents(mocker):
    """Unit test
    Given
    - raw response of the http request
    When
    - mock the http request result as 5 results that are sorted from the newest to the oldest
    Then
    - as defined in the demisto params - show only 2, those should be the oldest 2 available
    - validate the incidents values
    """
    mocker.patch.object(Client, '_generate_token')
    client = Client(server_url="https://api.cyberark.com/", username="******", password="******", use_ssl=False,
                    proxy=False, max_fetch=50)

    mocker.patch.object(Client, '_http_request', return_value=GET_SECURITY_EVENTS_RAW_RESPONSE)

    _, incidents = fetch_incidents(client, {}, "3 days", "0", "2")
    assert incidents == INCIDENTS