Exemplo n.º 1
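def test_create_handlers_creates_handlers_that_pass_events_to_output_formatter(
    mocker,
    sdk,
):
    """Check that a handled response reaches the formatter as a list of events.

    Builds handlers with ``create_handlers``, feeds them one mocked HTTP
    response whose JSON body holds a single event under ``key``, and asserts
    that ``formatter.echo_formatted_list`` is called exactly once with that
    event list.

    ``key``, ``search`` and ``TestQuery`` are not defined in this function;
    they are taken from the enclosing module.
    """
    class TestExtractor(BaseExtractor):
        """Minimal extractor stub handed to ``create_handlers``."""

        def __init__(self, handlers, timestamp_filter):
            # The filter's private term is overwritten before the base
            # initialiser runs.
            timestamp_filter._term = "test_term"
            super().__init__(key, search, handlers, timestamp_filter,
                             TestQuery)

        def _get_timestamp_from_item(self, item):
            # Deliberately a no-op; its result is not asserted on here.
            pass

    formatter = mocker.MagicMock()
    # Fixed: the keyword was misspelled ``sepc``, which only set an attribute
    # named ``sepc`` on an unconstrained mock. With ``spec`` the mock exposes
    # only attributes that exist on BaseCursorStore, so a call to a method the
    # store does not have raises instead of passing silently.
    # NOTE(review): if this now fails with AttributeError, create_handlers is
    # using something BaseCursorStore does not provide - check the handlers
    # rather than reverting the spec.
    cursor_store = mocker.MagicMock(spec=BaseCursorStore)
    handlers = create_handlers(sdk,
                               TestExtractor,
                               cursor_store,
                               "chk-name",
                               formatter,
                               force_pager=False)
    http_response = mocker.MagicMock(spec=Response)
    events = [{"property": "bar"}]
    # Renders as JSON of the form {"<key>": [{"property": "bar"}]}.
    http_response.text = '{{"{0}": [{{"property": "bar"}}]}}'.format(key)
    py42_response = Py42Response(http_response)
    handlers.handle_response(py42_response)
    formatter.echo_formatted_list.assert_called_once_with(events)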
Exemplo n.º 2
def search(
    state,
    format,
    begin,
    end,
    advanced_query,
    use_checkpoint,
    saved_search,
    or_query,
    include_all,
    **kwargs,
):
    """Search for file events."""
    # Docstring kept verbatim.
    # NOTE(review): if this function is registered as a CLI command, the
    # docstring may double as help text - confirm before rewording it.
    #
    # Flow: resolve the output header, build the formatter, obtain the cursor
    # via _get_cursor, create the extraction handlers, then run the
    # extraction with the query arguments.
    default_header_map = _create_search_header_map()
    header = ext.try_get_default_header(include_all, default_header_map,
                                        format)
    event_formatter = FileEventsOutputFormatter(format, header)
    checkpoint_cursor = _get_cursor(state, use_checkpoint)

    # use_checkpoint is passed both to _get_cursor and as the fourth
    # positional argument of create_handlers.
    # NOTE(review): presumably the checkpoint name - confirm.
    handler_options = {"formatter": event_formatter,
                       "force_pager": include_all}
    response_handlers = ext.create_handlers(state.sdk, FileEventExtractor,
                                            checkpoint_cursor, use_checkpoint,
                                            **handler_options)

    _extract(
        state,
        response_handlers,
        begin,
        end,
        or_query,
        advanced_query,
        saved_search,
        **kwargs,
    )
Exemplo n.º 3
def search(
    state,
    format,
    begin,
    end,
    advanced_query,
    use_checkpoint,
    saved_search,
    or_query,
    include_all,
    **kwargs,
):
    """Search for file events."""
    # Docstring kept verbatim.
    # NOTE(review): if this function is registered as a CLI command, the
    # docstring may double as help text - confirm before rewording it.
    header = ext.try_get_default_header(include_all, SEARCH_DEFAULT_HEADER,
                                        format)
    event_formatter = FileEventsOutputFormatter(format, header)

    # A cursor store is created only when a checkpoint was requested;
    # otherwise the handlers are given None.
    if use_checkpoint:
        checkpoint_cursor = _get_file_event_cursor_store(state.profile.name)
    else:
        checkpoint_cursor = None

    handler_options = {"formatter": event_formatter,
                       "force_pager": include_all}
    response_handlers = ext.create_handlers(state.sdk, FileEventExtractor,
                                            checkpoint_cursor, use_checkpoint,
                                            **handler_options)

    _call_extractor(
        state,
        response_handlers,
        begin,
        end,
        or_query,
        advanced_query,
        saved_search,
        **kwargs,
    )

    # True only when no events were counted AND no error was recorded, so a
    # run that errored is not reported as an empty result.
    nothing_found = not (response_handlers.TOTAL_EVENTS or errors.ERRORED)
    handle_no_events(nothing_found)
Exemplo n.º 4
def search(
    cli_state,
    format,
    begin,
    end,
    advanced_query,
    use_checkpoint,
    or_query,
    include_all,
    **kwargs,
):
    """Search for alerts."""
    # Docstring kept verbatim.
    # NOTE(review): if this function is registered as a CLI command, the
    # docstring may double as help text - confirm before rewording it.
    default_header = _get_default_output_header()
    header = ext.try_get_default_header(include_all, default_header, format)
    alert_formatter = OutputFormatter(format, header)

    # Without a checkpoint there is no cursor store; the handlers get None.
    checkpoint_cursor = None
    if use_checkpoint:
        checkpoint_cursor = _get_alert_cursor_store(cli_state.profile.name)

    response_handlers = ext.create_handlers(
        cli_state.sdk,
        AlertExtractor,
        checkpoint_cursor,
        use_checkpoint,
        formatter=alert_formatter,
        force_pager=include_all,
    )
    _call_extractor(
        cli_state,
        response_handlers,
        begin,
        end,
        or_query,
        advanced_query,
        **kwargs,
    )

    # The "no events" path is taken only when the handlers counted zero
    # events and no error was flagged; a failed query is therefore not
    # presented as "no alerts".
    nothing_found = not (response_handlers.TOTAL_EVENTS or errors.ERRORED)
    handle_no_events(nothing_found)