def test_host_data(): test_config1 = Path(_TEST_DATA).parent.joinpath("msticpyconfig-test.yaml") with custom_mp_config(test_config1): with warnings.catch_warnings(): # We want to ignore warnings from missing config warnings.simplefilter("ignore", category=UserWarning) syslog_file = os.path.join(_TEST_DATA, "syslog_data.csv") syslog_df = pd.read_csv(syslog_file, parse_dates=["TimeGenerated"]) heartbeat_file = os.path.join(_TEST_DATA, "host_hb.csv") heartbeat_df = pd.read_csv(heartbeat_file) az_net_file = os.path.join(_TEST_DATA, "az_net.csv") az_net_df = pd.read_csv(az_net_file) try: host_record = ls.create_host_record(syslog_df, heartbeat_df, az_net_df) assert type(host_record) == Host # nosec assert host_record.OSType == "Linux" # nosec except GeoIPDatabaseException: # test will fail if no GeoIP database exists or can be downloaded other_provider_settings = get_provider_settings( config_section="OtherProviders").get("GeoIPLite", {}) geolite_key = None if other_provider_settings: geolite_key = other_provider_settings.args.get("AuthKey") if not geolite_key: warnings.resetwarnings() warnings.warn(message=( "No configuration value found for GeoLite key. ", + "Test test_host_data skipped.", )) return assert False
def test_get_config(): test_config1 = Path(_TEST_DATA).joinpath(pkg_config._CONFIG_FILE) with custom_mp_config(test_config1): data_provs = get_provider_settings(config_section="DataProviders") az_cli_config = data_provs.get("AzureCLI") assert bool(az_cli_config) config_items = az_cli_config.args assert bool(config_items) assert bool(config_items["clientId"]) assert bool(config_items["tenantId"]) assert bool(config_items["clientSecret"])
def _check_provider_settings(self, sec_settings): prov_settings = get_provider_settings() for p_name, p_settings in prov_settings.items(): args = prov_settings[p_name].args if p_name == "OTX": sec_value = sec_settings.read_secret(args["AuthKey"]) self.assertEqual(KV_SECRETS["OTX-AuthKey"], sec_value) elif p_name == "VirusTotal": sec_value = sec_settings.read_secret(args["AuthKey"]) self.assertEqual( KV_SECRETS["TIProviders-VirusTotal-Args-AuthKey"], sec_value ) elif p_name == "XForce": sec_value = sec_settings.read_secret(args["AuthKey"]) self.assertEqual(KV_SECRETS["XForce-AuthKey"], sec_value) sec_value = sec_settings.read_secret(args["ApiID"]) self.assertEqual(KV_SECRETS["XForce-ApiID"], sec_value)