From 5ac7de72ffcd488e08c255a5df84578a4d424163 Mon Sep 17 00:00:00 2001 From: jmv74211 Date: Thu, 8 Sep 2022 14:26:34 +0200 Subject: [PATCH] refactor(#2947): update fixture for setting local internal options --- tests/integration/conftest.py | 119 ++++++++++-------- .../test_analysisd/test_eps/conftest.py | 27 ---- .../test_eps/test_default_values.py | 8 +- .../test_analysisd/test_eps/test_disabled.py | 13 +- .../test_analysisd/test_eps/test_enabled.py | 7 +- .../test_eps/test_invalid_configuration.py | 7 +- .../test_eps/test_invalid_values.py | 8 +- .../test_eps/test_no_eps_configuration.py | 8 +- ...t_process_old_events_instead_new_events.py | 30 +++-- ...t_start_dropping_events_when_queue_full.py | 14 ++- ...start_queuing_events_when_limit_reached.py | 16 ++- .../test_eps/test_stop_processing_events.py | 15 ++- 12 files changed, 144 insertions(+), 128 deletions(-) diff --git a/tests/integration/conftest.py b/tests/integration/conftest.py index fdb1a180b8..b272aac5de 100644 --- a/tests/integration/conftest.py +++ b/tests/integration/conftest.py @@ -138,6 +138,14 @@ def restart_wazuh_daemon_after_finishing(daemon=None): control_service("restart", daemon=daemon) +@pytest.fixture(scope='function') +def restart_analysisd_function(): + """Restart wazuh-analysisd daemon before starting a test, and stop it after finishing""" + control_service('restart', daemon='wazuh-analysisd') + yield + control_service('stop', daemon='wazuh-analysisd') + + @pytest.fixture(scope='module') def reset_ossec_log(get_configuration, request): # Reset ossec.log and start a new monitor @@ -545,6 +553,67 @@ def connect_to_sockets_configuration(request, get_configuration): close_sockets(receiver_sockets) +@pytest.fixture(scope='module') +def configure_local_internal_options_module(request): + """Fixture to configure the local internal options file. + + It uses the test variable local_internal_options. This should be + a dictionary wich keys and values corresponds to the internal option configuration, For example: + local_internal_options = {'monitord.rotate_log': '0', 'syscheck.debug': '0' } + """ + try: + local_internal_options = request.param + except AttributeError: + try: + local_internal_options = getattr(request.module, 'local_internal_options') + except AttributeError: + logger.debug('local_internal_options is not set') + raise AttributeError('Error when using the fixture "configure_local_internal_options_module", no ' \ + 'parameter has been passed explicitly, nor is the variable local_internal_options ' \ + 'found in the module.') from AttributeError + + backup_local_internal_options = conf.get_local_internal_options_dict() + + logger.debug(f"Set local_internal_option to {str(local_internal_options)}") + conf.set_local_internal_options_dict(local_internal_options) + + yield local_internal_options + + logger.debug(f"Restore local_internal_option to {str(backup_local_internal_options)}") + conf.set_local_internal_options_dict(backup_local_internal_options) + + +@pytest.fixture(scope='function') +def configure_local_internal_options_function(request): + """Fixture to configure the local internal options file. + + It uses the test variable local_internal_options. This should be + a dictionary wich keys and values corresponds to the internal option configuration, For example: + local_internal_options = {'monitord.rotate_log': '0', 'syscheck.debug': '0' } + """ + try: + local_internal_options = request.param + except AttributeError: + try: + local_internal_options = getattr(request.module, 'local_internal_options') + except AttributeError: + logger.debug('local_internal_options is not set') + raise AttributeError('Error when using the fixture "configure_local_internal_options_module", no ' \ + 'parameter has been passed explicitly, nor is the variable local_internal_options ' \ + 'found in the module.') from AttributeError + + backup_local_internal_options = conf.get_local_internal_options_dict() + + logger.debug(f"Set local_internal_option to {str(local_internal_options)}") + conf.set_local_internal_options_dict(local_internal_options) + + yield + + logger.debug(f"Restore local_internal_option to {str(backup_local_internal_options)}") + conf.set_local_internal_options_dict(backup_local_internal_options) + + +# DEPRECATED @pytest.fixture(scope='module') def configure_local_internal_options(get_local_internal_options): """Configure Wazuh local internal options. @@ -911,31 +980,6 @@ def file_monitoring(request): logger.debug(f"Trucanted {file_to_monitor}") -@pytest.fixture(scope='module') -def configure_local_internal_options_module(request): - """Fixture to configure the local internal options file. - - It uses the test variable local_internal_options. This should be - a dictionary wich keys and values corresponds to the internal option configuration, For example: - local_internal_options = {'monitord.rotate_log': '0', 'syscheck.debug': '0' } - """ - try: - local_internal_options = getattr(request.module, 'local_internal_options') - except AttributeError as local_internal_configuration_not_set: - logger.debug('local_internal_options is not set') - raise local_internal_configuration_not_set - - backup_local_internal_options = conf.get_local_internal_options_dict() - - logger.debug(f"Set local_internal_option to {str(local_internal_options)}") - conf.set_local_internal_options_dict(local_internal_options) - - yield - - logger.debug(f"Restore local_internal_option to {str(backup_local_internal_options)}") - conf.set_local_internal_options_dict(backup_local_internal_options) - - @pytest.fixture(scope='function') def set_wazuh_configuration(configuration): """Set wazuh configuration @@ -961,31 +1005,6 @@ def set_wazuh_configuration(configuration): conf.write_wazuh_conf(backup_config) -@pytest.fixture(scope='function') -def configure_local_internal_options_function(request): - """Fixture to configure the local internal options file. - - It uses the test variable local_internal_options. This should be - a dictionary wich keys and values corresponds to the internal option configuration, For example: - local_internal_options = {'monitord.rotate_log': '0', 'syscheck.debug': '0' } - """ - try: - local_internal_options = getattr(request.module, 'local_internal_options') - except AttributeError as local_internal_configuration_not_set: - logger.debug('local_internal_options is not set') - raise local_internal_configuration_not_set - - backup_local_internal_options = conf.get_local_internal_options_dict() - - logger.debug(f"Set local_internal_option to {str(local_internal_options)}") - conf.set_local_internal_options_dict(local_internal_options) - - yield - - logger.debug(f"Restore local_internal_option to {str(backup_local_internal_options)}") - conf.set_local_internal_options_dict(backup_local_internal_options) - - @pytest.fixture(scope='function') def truncate_monitored_files(): """Truncate all the log files and json alerts files before and after the test execution""" diff --git a/tests/integration/test_analysisd/test_eps/conftest.py b/tests/integration/test_analysisd/test_eps/conftest.py index e69e4a456b..8ae42e3093 100644 --- a/tests/integration/test_analysisd/test_eps/conftest.py +++ b/tests/integration/test_analysisd/test_eps/conftest.py @@ -9,33 +9,6 @@ from wazuh_testing.tools.run_simulator import simulate_agent,syslog_simulator -@pytest.fixture(scope='function') -def restart_analysisd_function(): - """Restart wazuh-analysisd daemon before starting a test, and stop it after finishing""" - control_service('restart', daemon='wazuh-analysisd') - yield - control_service('stop', daemon='wazuh-analysisd') - - -@pytest.fixture(scope='module') -def configure_local_internal_options_eps(request): - """Fixture to configure the local internal options file.""" - # Define local internal options for EPS tests - local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', - 'analysisd.state_interval': f"{request.param[0]}"} - - # Backup the old local internal options - backup_local_internal_options = configuration.get_wazuh_local_internal_options() - - # Set the new local internal options configuration - configuration.set_wazuh_local_internal_options(configuration.create_local_internal_options(local_internal_options)) - - yield - - # Backup the old local internal options cofiguration - configuration.set_wazuh_local_internal_options(backup_local_internal_options) - - @pytest.fixture(scope='function') def set_wazuh_configuration_analysisd(configuration, set_wazuh_configuration, configure_local_internal_options_eps): """Set wazuh configuration diff --git a/tests/integration/test_analysisd/test_eps/test_default_values.py b/tests/integration/test_analysisd/test_eps/test_default_values.py index 0a064f1138..615b6767df 100644 --- a/tests/integration/test_analysisd/test_eps/test_default_values.py +++ b/tests/integration/test_analysisd/test_eps/test_default_values.py @@ -11,6 +11,8 @@ # Global variables TIMEFRAME_DEFAULT_VALUE = 10 +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Reference paths TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') @@ -29,9 +31,9 @@ @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_without_timeframe(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration_analysisd, - truncate_monitored_files, restart_wazuh_daemon_function): +def test_without_timeframe(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration, + configure_local_internal_options_module, truncate_monitored_files, + restart_wazuh_daemon_function): ''' description: Check that limits EPS is started when `maximum` is set to a value greater than 0 lower and than 100000, and `timeframe` is not present. In this case, 'timeframe' will be set with a default value. diff --git a/tests/integration/test_analysisd/test_eps/test_disabled.py b/tests/integration/test_analysisd/test_eps/test_disabled.py index 2e96b5861e..3c68b88725 100644 --- a/tests/integration/test_analysisd/test_eps/test_disabled.py +++ b/tests/integration/test_analysisd/test_eps/test_disabled.py @@ -13,6 +13,8 @@ TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template') TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases') +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Configuration and cases data t1_configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_disabled.yaml') @@ -34,9 +36,8 @@ @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_disabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration_analysisd, - truncate_monitored_files, restart_wazuh_daemon_function): +def test_disabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration, + configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function): ''' description: Check that limits EPS is not started when `maximum` is set to a value equal to 0, or with an empty value, and `timeframe` is set to a value greater than 0 and lower than 3600. @@ -90,9 +91,9 @@ def test_disabled(configuration, metadata, load_wazuh_basic_configuration, set_w @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t2_configurations, t2_configuration_metadata), ids=t2_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_without_maximum(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration_analysisd, - truncate_monitored_files, restart_wazuh_daemon_function): +def test_without_maximum(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration, + configure_local_internal_options_module, truncate_monitored_files, + restart_wazuh_daemon_function): ''' description: Check that limits EPS is not started when `maximum` value is not present in the configuration file. diff --git a/tests/integration/test_analysisd/test_eps/test_enabled.py b/tests/integration/test_analysisd/test_eps/test_enabled.py index 4a9aa54a73..0d87370d25 100644 --- a/tests/integration/test_analysisd/test_eps/test_enabled.py +++ b/tests/integration/test_analysisd/test_eps/test_enabled.py @@ -13,6 +13,8 @@ TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template') TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases') +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Configuration and cases data configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_enabled.yaml') @@ -26,9 +28,8 @@ @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_enabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration_analysisd, - truncate_monitored_files, restart_wazuh_daemon_function): +def test_enabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration, + configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function): ''' description: Check that limits EPS is started when `maximum` is set to a value greater than 0 lower and than 100000, and `timeframe` is set to a value greater than 0 and lower than 3600. diff --git a/tests/integration/test_analysisd/test_eps/test_invalid_configuration.py b/tests/integration/test_analysisd/test_eps/test_invalid_configuration.py index a6cdd456c3..4b87b4eabe 100644 --- a/tests/integration/test_analysisd/test_eps/test_invalid_configuration.py +++ b/tests/integration/test_analysisd/test_eps/test_invalid_configuration.py @@ -14,6 +14,8 @@ TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template') TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases') +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Configuration and cases data t1_configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_without_timeframe_maximum.yaml') @@ -27,10 +29,9 @@ @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) def test_without_timeframe_maximum(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, truncate_monitored_files, - restart_wazuh_daemon_after_finishing): + set_wazuh_configuration, configure_local_internal_options_module, + truncate_monitored_files, restart_wazuh_daemon_after_finishing): ''' description: Check that wazuh manager is not started when `maximum` and `timeframe` are not present in the configuration file. diff --git a/tests/integration/test_analysisd/test_eps/test_invalid_values.py b/tests/integration/test_analysisd/test_eps/test_invalid_values.py index 8b6c607dbe..6d147a54c2 100644 --- a/tests/integration/test_analysisd/test_eps/test_invalid_values.py +++ b/tests/integration/test_analysisd/test_eps/test_invalid_values.py @@ -14,6 +14,8 @@ TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template') TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases') +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Configuration and cases data configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_invalid_values.yaml') @@ -28,9 +30,9 @@ @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_invalid_values(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration_analysisd, - truncate_monitored_files, restart_wazuh_daemon_after_finishing): +def test_invalid_values(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration, + configure_local_internal_options_module, truncate_monitored_files, + restart_wazuh_daemon_after_finishing): ''' description: Check that wazuh manager is not started when an invalid value is set to `maximum` and/or `timeframe`. diff --git a/tests/integration/test_analysisd/test_eps/test_no_eps_configuration.py b/tests/integration/test_analysisd/test_eps/test_no_eps_configuration.py index 24482546f4..23fe678614 100644 --- a/tests/integration/test_analysisd/test_eps/test_no_eps_configuration.py +++ b/tests/integration/test_analysisd/test_eps/test_no_eps_configuration.py @@ -14,6 +14,8 @@ # Simulate agent configuration configurations_simulate_agent_path = os.path.join(TEST_DATA_PATH, 'configuration_simulate_agent.yaml') +local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', + 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"} # Get simulate agent configurations (t1) params_disabled_eps = get_simulate_agent_configuration(configurations_simulate_agent_path) @@ -22,8 +24,7 @@ @pytest.mark.tier(level=0) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) -def test_disabled(load_wazuh_basic_configuration, configure_local_internal_options_eps, +def test_disabled(load_wazuh_basic_configuration, configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function): ''' description: Check that limits EPS is disabled when it is not configured. @@ -59,9 +60,8 @@ def test_disabled(load_wazuh_basic_configuration, configure_local_internal_optio @pytest.mark.tier(level=0) -@pytest.mark.parametrize('configure_local_internal_options_eps', [ANALYSISD_STATE_INTERNAL_DEFAULT], indirect=True) @pytest.mark.parametrize('simulate_agent_function', [params_disabled_eps], indirect=True) -def test_without_eps_setting(load_wazuh_basic_configuration, configure_local_internal_options_eps, +def test_without_eps_setting(load_wazuh_basic_configuration, configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function, simulate_agent_function): ''' description: Check that limits EPS is disabled when it is not configured and the received events are similar or diff --git a/tests/integration/test_analysisd/test_eps/test_process_old_events_instead_new_events.py b/tests/integration/test_analysisd/test_eps/test_process_old_events_instead_new_events.py index 1c630498ec..ccfdb98004 100644 --- a/tests/integration/test_analysisd/test_eps/test_process_old_events_instead_new_events.py +++ b/tests/integration/test_analysisd/test_eps/test_process_old_events_instead_new_events.py @@ -5,7 +5,7 @@ from wazuh_testing.tools.configuration import load_configuration_template, get_test_cases_data, \ get_syslog_simulator_configuration -from wazuh_testing.modules.analysisd import event_monitor as evm +from wazuh_testing.modules.eps import event_monitor as evm from wazuh_testing.tools.monitoring import FileMonitor from wazuh_testing.tools.run_simulator import syslog_simulator from wazuh_testing.tools import ALERT_FILE_PATH @@ -19,7 +19,6 @@ PATTERN_C = 'CCCC' SYSLOG_CUSTOM_MESSAGE = f"Login failed: admin, test {PATTERN_A}, Message number:" - # Reference paths TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data') CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template') @@ -43,7 +42,11 @@ # Get simulate agent configurations (t1) params_process_old_events_one_thread = get_syslog_simulator_configuration(configurations_syslog_simulator_path) -timeframe_eps_t1 = [metadata['timeframe'] for metadata in t1_configuration_metadata] +local_internal_configuration_t1 = [ + {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', 'analysisd.state_interval': metadata['timeframe']} + for metadata in t1_configuration_metadata +] + num_messages = 150 params_process_old_events_one_thread.update({'num_messages': num_messages}) params_process_old_events_one_thread.update({'message': f"\"{SYSLOG_CUSTOM_MESSAGE}\""}) @@ -52,15 +55,18 @@ # Get syslog simulator configurations (t2) params_process_old_events_multithread = get_syslog_simulator_configuration(configurations_syslog_simulator_path) -timeframe_eps_t2 = [metadata['timeframe'] for metadata in t2_configuration_metadata] +local_internal_configuration_t2 = [ + {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', 'analysisd.state_interval': metadata['timeframe']} + for metadata in t2_configuration_metadata +] @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [timeframe_eps_t1], indirect=True) +@pytest.mark.parametrize('configure_local_internal_options_module', local_internal_configuration_t1, indirect=True) @pytest.mark.parametrize('syslog_simulator_function', [params_process_old_events_one_thread], indirect=True) def test_process_old_events_one_thread(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, configure_wazuh_one_thread, + configure_local_internal_options_module, configure_wazuh_one_thread, truncate_monitored_files, restart_wazuh_daemon_function, syslog_simulator_function): ''' @@ -138,10 +144,10 @@ def test_process_old_events_one_thread(configuration, metadata, load_wazuh_basic @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t2_configurations, t2_configuration_metadata), ids=t2_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [timeframe_eps_t2], indirect=True) +@pytest.mark.parametrize('configure_local_internal_options_module', local_internal_configuration_t2, indirect=True) def test_process_old_events_multi_thread(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, truncate_monitored_files, - restart_wazuh_daemon_function): + set_wazuh_configuration, configure_local_internal_options_module, + truncate_monitored_files, restart_wazuh_daemon_function): ''' description: Check that `wazuh-analysisd` processes queued events first instead of new events. To do this, it is sent three groups of messages with different content per groups (A, B and C). Then, it checks that @@ -193,7 +199,7 @@ def test_process_old_events_multi_thread(configuration, metadata, load_wazuh_bas custom_message = SYSLOG_CUSTOM_MESSAGE params_process_old_events_multithread.update({'message': f"\"{custom_message}\""}) syslog_simulator(params_process_old_events_multithread) - sleep(timeframe_eps_t2[0] / 2) + sleep(metadata['timeframe'] / 2) # Create a filemonitor file_monitor = FileMonitor(ALERT_FILE_PATH) # Get total PATTERN_A messages @@ -203,7 +209,7 @@ def test_process_old_events_multi_thread(configuration, metadata, load_wazuh_bas custom_message = custom_message.replace(PATTERN_A, PATTERN_B) params_process_old_events_multithread.update({'message': f"\"{custom_message}\""}) syslog_simulator(params_process_old_events_multithread) - sleep(timeframe_eps_t2[0] / 2) + sleep(metadata['timeframe'] / 2) # Get total PATTERN_B messages total_msg_list.append(evm.get_messages_info(file_monitor, regex, messages_sent)) @@ -211,7 +217,7 @@ def test_process_old_events_multi_thread(configuration, metadata, load_wazuh_bas custom_message = custom_message.replace(PATTERN_B, PATTERN_C) params_process_old_events_multithread.update({'message': f"\"{custom_message}\""}) syslog_simulator(params_process_old_events_multithread) - sleep(timeframe_eps_t2[0] / 2) + sleep(metadata['timeframe'] / 2) # Get total PATTERN_C messages total_msg_list.append(evm.get_messages_info(file_monitor, regex, messages_sent)) # Check messages order pattern diff --git a/tests/integration/test_analysisd/test_eps/test_start_dropping_events_when_queue_full.py b/tests/integration/test_analysisd/test_eps/test_start_dropping_events_when_queue_full.py index 56b014a0db..3518df8ef1 100644 --- a/tests/integration/test_analysisd/test_eps/test_start_dropping_events_when_queue_full.py +++ b/tests/integration/test_analysisd/test_eps/test_start_dropping_events_when_queue_full.py @@ -4,7 +4,7 @@ from wazuh_testing.tools.configuration import load_configuration_template, get_test_cases_data, \ get_simulate_agent_configuration -from wazuh_testing.modules.analysisd import event_monitor as evm +from wazuh_testing.modules.eps import event_monitor as evm from wazuh_testing.modules.analysisd import PERCENTAGE_PROCESS_MSGS, QUEUE_SIZE @@ -29,19 +29,23 @@ # Get simulate agent configurations (t1) params_start_dropping_events_when_queue_full = get_simulate_agent_configuration(configurations_simulate_agent_path) -timeframe_eps_t1 = [metadata['timeframe'] for metadata in t1_configuration_metadata] num_messages = 16500 # of 1Kb message of 16384 Kb of queue size. Total dropped aproximatelly 116 expected_msg_dropped = num_messages - QUEUE_SIZE params_start_dropping_events_when_queue_full.update({'num_messages': num_messages}) +local_internal_configuration_t1 = [ + {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', 'analysisd.state_interval': metadata['timeframe']} + for metadata in t1_configuration_metadata +] @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [timeframe_eps_t1], indirect=True) +@pytest.mark.parametrize('configure_local_internal_options_module', local_internal_configuration_t1, indirect=True) @pytest.mark.parametrize('simulate_agent_function', [params_start_dropping_events_when_queue_full], indirect=True) def test_start_dropping_events_when_queue_full(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, truncate_monitored_files, - restart_wazuh_daemon_function, simulate_agent_function): + set_wazuh_configuration, configure_local_internal_options_module, + truncate_monitored_files, restart_wazuh_daemon_function, + simulate_agent_function): ''' description: Check that the `events_dropped` value in the `/var/ossec/var/run/wazuh-analysisd.state` file must be greater than 1 and, `event_queue_usage` is equal to 1 diff --git a/tests/integration/test_analysisd/test_eps/test_start_queuing_events_when_limit_reached.py b/tests/integration/test_analysisd/test_eps/test_start_queuing_events_when_limit_reached.py index a15ac39a66..e75a59151d 100644 --- a/tests/integration/test_analysisd/test_eps/test_start_queuing_events_when_limit_reached.py +++ b/tests/integration/test_analysisd/test_eps/test_start_queuing_events_when_limit_reached.py @@ -4,7 +4,7 @@ from wazuh_testing.tools.configuration import load_configuration_template, get_test_cases_data, \ get_simulate_agent_configuration -from wazuh_testing.modules.analysisd import event_monitor as evm +from wazuh_testing.modules.eps import event_monitor as evm from wazuh_testing.modules.analysisd import PERCENTAGE_PROCESS_MSGS, QUEUE_SIZE @@ -33,18 +33,22 @@ # Get simulate agent configurations (t1) params_start_queuing_events_when_limit_reached = get_simulate_agent_configuration(configurations_simulate_agent_path) maximum_eps = [metadata['maximum'] for metadata in t1_configuration_metadata] -timeframe_eps_t1 = [metadata['timeframe'] for metadata in t1_configuration_metadata] -num_messages = maximum_eps[0] * timeframe_eps_t1[0] + int(QUEUE_SIZE / 2) +local_internal_configuration_t1 = [ + {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', 'analysisd.state_interval': metadata['timeframe']} + for metadata in t1_configuration_metadata +] +num_messages = maximum_eps[0] * t1_configuration_metadata[0]['timeframe'] + int(QUEUE_SIZE / 2) params_start_queuing_events_when_limit_reached.update({'num_messages': num_messages}) @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [timeframe_eps_t1], indirect=True) +@pytest.mark.parametrize('configure_local_internal_options_module', local_internal_configuration_t1, indirect=True) @pytest.mark.parametrize('simulate_agent_function', [params_start_queuing_events_when_limit_reached], indirect=True) def test_start_queuing_events_when_limit_reached(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, truncate_monitored_files, - restart_wazuh_daemon_function, simulate_agent_function): + set_wazuh_configuration, configure_local_internal_options_module, + truncate_monitored_files, restart_wazuh_daemon_function, + simulate_agent_function): ''' description: Check that the `events_processed` value in the `/var/ossec/var/run/wazuh-analysisd.state` file must be lower or equal than `maximum` * `timeframe` and, the `events_received` value must be greater than diff --git a/tests/integration/test_analysisd/test_eps/test_stop_processing_events.py b/tests/integration/test_analysisd/test_eps/test_stop_processing_events.py index e6285aa020..f2209e2ea2 100644 --- a/tests/integration/test_analysisd/test_eps/test_stop_processing_events.py +++ b/tests/integration/test_analysisd/test_eps/test_stop_processing_events.py @@ -4,7 +4,7 @@ from wazuh_testing.tools.configuration import load_configuration_template, get_test_cases_data, \ get_simulate_agent_configuration -from wazuh_testing.modules.analysisd import event_monitor as evm +from wazuh_testing.modules.eps import event_monitor as evm from wazuh_testing.modules.analysisd import PERCENTAGE_PROCESS_MSGS @@ -29,20 +29,23 @@ # Get simulate agent configurations (t1) params_stop_processing_events = get_simulate_agent_configuration(configurations_simulate_agent_path) maximum_eps = [metadata['maximum'] for metadata in t1_configuration_metadata] -timeframe_eps_t1 = [metadata['timeframe'] for metadata in t1_configuration_metadata] # It is sent `width_frame` time frame width to reduce test time execution width_frame = 3 -num_messages = maximum_eps[0] * timeframe_eps_t1[0] * width_frame +local_internal_configuration_t1 = [ + {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0', 'analysisd.state_interval': metadata['timeframe']} + for metadata in t1_configuration_metadata +] +num_messages = maximum_eps[0] * t1_configuration_metadata[0]['timeframe'] * width_frame params_stop_processing_events.update({'num_messages': num_messages}) @pytest.mark.tier(level=0) @pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids) -@pytest.mark.parametrize('configure_local_internal_options_eps', [timeframe_eps_t1], indirect=True) +@pytest.mark.parametrize('configure_local_internal_options_module', local_internal_configuration_t1, indirect=True) @pytest.mark.parametrize('simulate_agent_function', [params_stop_processing_events], indirect=True) def test_stops_processing_events(configuration, metadata, load_wazuh_basic_configuration, - set_wazuh_configuration_analysisd, truncate_monitored_files, - restart_wazuh_daemon_function, simulate_agent_function): + set_wazuh_configuration, configure_local_internal_options_module, + truncate_monitored_files, restart_wazuh_daemon_function, simulate_agent_function): ''' description: Check that the `events_processed` value in the `/var/ossec/var/run/wazuh-analysisd.state` file must be lower or equal than `maximum` * `timeframe`