def testFormatDateTime(self):
"""Tests the _FormatDateTime function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
# Test with event.date_time
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T18:17:01.000000+00:00')
# Test with event.timestamp
event.date_time = None
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T18:17:01+00:00')
event.timestamp = 0
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '0000-00-00T00:00:00+00:00')
event.timestamp = -9223372036854775808
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '0000-00-00T00:00:00+00:00')
def testFormatTime(self):
"""Tests the _FormatTime function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
# Test with event.date_time
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '18:17:01')
# Test with event.timestamp
event.date_time = None
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '18:17:01')
event.timestamp = 0
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '--:--:--')
event.timestamp = -9223372036854775808
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '--:--:--')
def testFormatTime(self):
"""Tests the _FormatTime function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
# Test with event.date_time
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '18:17:01')
output_mediator.SetTimeZone('Europe/Amsterdam')
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '20:17:01')
output_mediator.SetTimeZone('UTC')
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[1]))
event.date_time._time_zone_offset = 120
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '18:17:01')
# Test with event.is_local_time
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
event.timestamp -= 120 * 60 * 1000000
event.date_time.is_local_time = True
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '16:17:01')
# Test with event.timestamp
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
event.date_time = None
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '18:17:01')
event.timestamp = 0
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '--:--:--')
event.timestamp = -9223372036854775808
time_string = test_helper._FormatTime(event, event_data,
event_data_stream)
self.assertEqual(time_string, '--:--:--')
def testFormatMACB(self):
"""Tests the _FormatMACB function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
macb_string = test_helper._FormatMACB(event, event_data, event_data_stream)
self.assertEqual(macb_string, '..C.')
def __init__(self, output_mediator):
"""Initializes a dynamic selected delimiter separated values output module.
Args:
output_mediator (OutputMediator): an output mediator.
"""
super(TestXMLEventFormattingHelper, self).__init__(output_mediator)
self._field_formatting_helper = formatting_helper.FieldFormattingHelper(
output_mediator)
def testFormatFilename(self):
"""Tests the _FormatFilename function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
filename_string = test_helper._FormatFilename(event, event_data,
event_data_stream)
self.assertEqual(filename_string, 'log/syslog.1')
def testGetFormattedField(self):
"""Tests the GetFormattedField function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
test_helper._FIELD_FORMAT_CALLBACKS = {'zone': '_FormatTimeZone'}
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
zone_string = test_helper.GetFormattedField('zone', event, event_data,
event_data_stream, None)
self.assertEqual(zone_string, 'UTC')
def testFormatSourceShort(self):
"""Tests the _FormatSourceShort function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
source_short_string = test_helper._FormatSourceShort(
event, event_data, event_data_stream)
self.assertEqual(source_short_string, 'FILE')
def testFormatTag(self):
"""Tests the _FormatTag function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
tag_string = test_helper._FormatTag(None)
self.assertEqual(tag_string, '-')
event_tag = events.EventTag()
event_tag.AddLabel('one')
event_tag.AddLabel('two')
tag_string = test_helper._FormatTag(event_tag)
self.assertEqual(tag_string, 'one two')
def testFormatDateTime(self):
"""Tests the _FormatDateTime function with dynamic time."""
output_mediator = self._CreateOutputMediator(dynamic_time=True)
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T18:17:01.000000+00:00')
output_mediator.SetTimeZone('Europe/Amsterdam')
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T20:17:01.000000+02:00')
output_mediator.SetTimeZone('UTC')
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[1]))
event.date_time._time_zone_offset = 120
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T18:17:01.000000+00:00')
event.date_time = dfdatetime_semantic_time.InvalidTime()
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, 'Invalid')
# Test with event.is_local_time
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
event.timestamp -= 120 * 60 * 1000000
event.date_time.is_local_time = True
date_time_string = test_helper._FormatDateTime(event, event_data,
event_data_stream)
self.assertEqual(date_time_string, '2012-06-27T16:17:01.000000+00:00')
def testFormatSource(self):
"""Tests the _FormatSource function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
formatters_manager.FormattersManager.RegisterFormatter(
formatters_test_lib.TestEventFormatter)
try:
source_string = test_helper._FormatSource(event, event_data,
event_data_stream)
finally:
formatters_manager.FormattersManager.DeregisterFormatter(
formatters_test_lib.TestEventFormatter)
self.assertEqual(source_string, 'Test log file')
def testFormatMessageShort(self):
"""Tests the _FormatMessageShort function."""
output_mediator = self._CreateOutputMediator()
formatters_directory_path = self._GetTestFilePath(['formatters'])
output_mediator.ReadMessageFormattersFromDirectory(
formatters_directory_path)
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
message_short_string = test_helper._FormatMessageShort(
event, event_data, event_data_stream)
expected_message_short_string = (
'Reporter <CRON> PID: 8442 (pam_unix(cron:session): session closed '
'for user root)')
self.assertEqual(message_short_string, expected_message_short_string)
def testFormatMessageShort(self):
"""Tests the _FormatMessageShort function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
formatters_manager.FormattersManager.RegisterFormatter(
formatters_test_lib.TestEventFormatter)
try:
message_short_string = test_helper._FormatMessageShort(
event, event_data, event_data_stream)
finally:
formatters_manager.FormattersManager.DeregisterFormatter(
formatters_test_lib.TestEventFormatter)
expected_message_short_string = (
'Reporter <CRON> PID: 8442 (pam_unix(cron:session): session closed '
'for user root)')
self.assertEqual(message_short_string, expected_message_short_string)
def testFormatTimeZone(self):
"""Tests the _FormatTimeZone function."""
output_mediator = self._CreateOutputMediator()
test_helper = formatting_helper.FieldFormattingHelper(output_mediator)
# Test with event.date_time
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
zone_string = test_helper._FormatTimeZone(event, event_data,
event_data_stream)
self.assertEqual(zone_string, 'UTC')
output_mediator.SetTimeZone('Europe/Amsterdam')
zone_string = test_helper._FormatTimeZone(event, event_data,
event_data_stream)
self.assertEqual(zone_string, 'CEST')
output_mediator.SetTimeZone('UTC')
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[1]))
event.date_time._time_zone_offset = 120
zone_string = test_helper._FormatTimeZone(event, event_data,
event_data_stream)
self.assertEqual(zone_string, 'UTC')
# Test with event.is_local_time
event, event_data, event_data_stream = (
containers_test_lib.CreateEventFromValues(self._TEST_EVENTS[0]))
event.timestamp -= 120 * 60 * 1000000
event.date_time.is_local_time = True
zone_string = test_helper._FormatTimeZone(event, event_data,
event_data_stream)
self.assertEqual(zone_string, 'UTC')
