-
Notifications
You must be signed in to change notification settings - Fork 32
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
add: Add callbacks module to the vuln detector lib #2462
- Loading branch information
Showing
2 changed files
with
47 additions
and
21 deletions.
There are no files selected for viewing
47 changes: 47 additions & 0 deletions
47
deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/callbacks.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
import re | ||
|
||
from wazuh_testing.modules.vulnerability_detector import VULNERABILITY_DETECTOR_PREFIX | ||
|
||
|
||
def make_vuln_callback(pattern, prefix=VULNERABILITY_DETECTOR_PREFIX): | ||
"""Create a callback function from a text pattern. | ||
It already contains the vulnerability-detector prefix. | ||
Args: | ||
pattern (str): String to match on the log. | ||
prefix (str): regular expression used as prefix before the pattern. | ||
Returns: | ||
lambda: function that returns if there's a match in the file | ||
Examples: | ||
>>> callback_bionic_update_started = make_vuln_callback("Starting Ubuntu Bionic database update") | ||
""" | ||
pattern = r'\s+'.join(pattern.split()) | ||
regex = re.compile(r'{}{}'.format(prefix, pattern)) | ||
|
||
return lambda line: regex.match(line) is not None | ||
|
||
|
||
def callback_detect_vulnerability_scan_sleeping(line): | ||
msg = rf"{VULNERABILITY_DETECTOR_PREFIX} Sleeping for (.*)..." | ||
match = re.match(msg, line) | ||
|
||
return match.group(1) if match is not None else "" | ||
|
||
|
||
def callback_detect_vulnerability_detector_disabled(line): | ||
msg = rf"{VULNERABILITY_DETECTOR_PREFIX}DEBUG: Module disabled. Exiting..." | ||
match = re.match(msg, line) | ||
|
||
return match is not None | ||
|
||
|
||
def callback_detect_vulnerability_detector_enabled(line): | ||
msg = r'(.*)wazuh-modulesd:vulnerability-detector(.*)' | ||
match1 = re.match(msg, line) | ||
msg = r'(.*)DEBUG: Module disabled. Exiting...(.*)' | ||
match2 = re.match(msg, line) | ||
|
||
return match1 is not None and match2 is None |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters