diff --git a/deps/wazuh_testing/wazuh_testing/__init__.py b/deps/wazuh_testing/wazuh_testing/__init__.py
index 70ff66a10b..a5cc547dd0 100644
--- a/deps/wazuh_testing/wazuh_testing/__init__.py
+++ b/deps/wazuh_testing/wazuh_testing/__init__.py
@@ -19,6 +19,7 @@ WAZUH_PATH = os.path.join("/var", "ossec")
+WAZUH_CONF_PATH = os.path.join(WAZUH_PATH, 'etc', 'ossec.conf')
 WAZUH_LOGS_PATH = os.path.join(WAZUH_PATH, 'logs')
 CLIENT_KEYS_PATH = os.path.join(WAZUH_PATH, 'etc' if platform.system() == 'Linux' else '', 'client.keys')
 DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'db')
diff --git a/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_disabled.yaml b/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_disabled.yaml
new file mode 100644
index 0000000000..3f3f7143e2
--- /dev/null
+++ b/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_disabled.yaml
@@ -0,0 +1,5 @@
+- sections:
+ - section: vulnerability-detector
+ elements:
+ - enabled:
+ value: 'no'
diff --git a/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_enabled.yaml b/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_enabled.yaml
new file mode 100644
index 0000000000..abca5be254
--- /dev/null
+++ b/tests/integration/test_analysisd/test_eps/data/configuration_template/basic_test_module/configuration_enabled.yaml
@@ -0,0 +1,11 @@
+- sections:
+ - section: global
+ elements:
+ - limits:
+ elements:
+ - eps:
+ elements:
+ - maximum:
+ value: MAXIMUM
+ - timeframe:
+ value: TIMEFRAME
diff --git a/tests/integration/test_analysisd/test_eps/data/test_cases/cases_disabled.yaml b/tests/integration/test_analysisd/test_eps/data/test_cases/cases_disabled.yaml
index 033cea9389..e62768a272 100644
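Review bot: `WAZUH_CONF_PATH` hard-codes the `etc` subdirectory, while `CLIENT_KEYS_PATH` two lines below it selects `'etc'` only when `platform.system() == 'Linux'`. If this module is also imported on non-Linux hosts, the new constant may point at a file that does not exist there, and any fixture that rewrites `ossec.conf` through it would act on the wrong path. Either apply the same platform switch or state the assumption with a comment such as `# Linux layout only: <WAZUH_PATH>/etc/ossec.conf`. The rest of the module lies outside the hunk, so how `WAZUH_PATH` itself is chosen per platform cannot be confirmed from here.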
--- a/tests/integration/test_analysisd/test_eps/data/test_cases/cases_disabled.yaml
+++ b/tests/integration/test_analysisd/test_eps/data/test_cases/cases_disabled.yaml
@@ -1,8 +1,8 @@
-- name: EPS Limits disabled
+- name: no configuration block
 description: EPS Limits disabled
 configuration_parameters:
 MAXIMUM: '0'
- TIMEFRAME: '5'
+ TIMEFRAME: '0'
 metadata:
 maximum: 0
- timeframe: 5
+ timeframe: 0
diff --git a/tests/integration/test_analysisd/test_eps/data/test_cases/cases_enabled.yaml b/tests/integration/test_analysisd/test_eps/data/test_cases/cases_enabled.yaml
index e08ad87780..1d9de44ea6 100644
--- a/tests/integration/test_analysisd/test_eps/data/test_cases/cases_enabled.yaml
+++ b/tests/integration/test_analysisd/test_eps/data/test_cases/cases_enabled.yaml
@@ -1,26 +1,8 @@
-- name: EPS Limits enabled
+- name: maximum 20 - timeframe 5
 description: EPS Limits enabled
 configuration_parameters:
- MAXIMUM: '10'
+ MAXIMUM: '20'
 TIMEFRAME: '5'
 metadata:
- maximum: 10
+ maximum: 20
 timeframe: 5
-
-- name: EPS Limits enabled
- description: EPS Limits enabled
- configuration_parameters:
- MAXIMUM: '500'
- TIMEFRAME: '30'
- metadata:
- maximum: 500
- timeframe: 30
-
-- name: EPS Limits enabled
- description: EPS Limits enabled
- configuration_parameters:
- MAXIMUM: '1500'
- TIMEFRAME: '120'
- metadata:
- maximum: 1500
- timeframe: 120
diff --git a/tests/integration/test_analysisd/test_eps/test_basic.py b/tests/integration/test_analysisd/test_eps/test_basic.py
new file mode 100644
index 0000000000..8a76d80a62
--- /dev/null
+++ b/tests/integration/test_analysisd/test_eps/test_basic.py
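Review bot: The renamed case `no configuration block` still sets `MAXIMUM` and `TIMEFRAME` to `'0'`, but the `configuration_disabled.yaml` template added in this commit has no `MAXIMUM`/`TIMEFRAME` placeholders, so these parameters appear to be unused. The unchanged `description: EPS Limits disabled` also no longer says how the limit ends up disabled. Consider a description such as `description: EPS limits stay disabled when no limits block is configured`, and either drop the two parameters or add a YAML comment explaining why the loader still needs them.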
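Review bot: Only one enabled case (`MAXIMUM: '20'`, `TIMEFRAME: '5'`) remains after the `500`/`30` and `1500`/`120` cases are removed, so this file now covers a single point of the limit's range. The EPS limit throttles how many events analysisd processes, so a regression at larger values would go unnoticed here. Unless larger and boundary values are covered by another test module not visible in this diff, consider keeping one high-value case alongside the new one.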
@@ -0,0 +1,57 @@
+import os
+import pytest
+
+from wazuh_testing.tools.configuration import load_configuration_template, get_test_cases_data
+from wazuh_testing.modules.analysisd import event_monitor as evm
+from wazuh_testing.modules.analysisd import ANALYSISD_STATE_INTERNAL_DEFAULT
+from wazuh_testing.processes import check_if_daemons_are_running
+
+pytestmark = [pytest.mark.server]
+
+
+# Generic vars
+TEST_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
+CONFIGURATIONS_PATH = os.path.join(TEST_DATA_PATH, 'configuration_template', 'basic_test_module')
+TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases', 'basic_test_module')
+local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0',
+ 'analysisd.state_interval': f"{ANALYSISD_STATE_INTERNAL_DEFAULT}"}
+
+# ------------------------------- TEST_ENABLED -------------------------------------------------------------------------
+# Configuration and cases data
+configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_enabled.yaml')
+t1_cases_path = os.path.join(TEST_CASES_PATH, 'cases_enabled.yaml')
+
+# Enabled test configurations (t1)
+t1_configuration_parameters, t1_configuration_metadata, t1_case_ids = get_test_cases_data(t1_cases_path)
+t1_configurations = load_configuration_template(configurations_path, t1_configuration_parameters,
+ t1_configuration_metadata)
+
+# ------------------------------- TEST_DISABLED ------------------------------------------------------------------------
+# Configuration and cases data
+t2_configurations_path = os.path.join(CONFIGURATIONS_PATH, 'configuration_disabled.yaml')
+t2_cases_path = os.path.join(TEST_CASES_PATH, 'cases_disabled.yaml')
+
+# Disabled test configurations (t2)
+t2_configuration_parameters, t2_configuration_metadata, t2_case_ids = get_test_cases_data(t2_cases_path)
+t2_configurations = load_configuration_template(t2_configurations_path, t2_configuration_parameters,
+ t2_configuration_metadata)
+
+
+@pytest.mark.tier(level=0)
+@pytest.mark.parametrize('configuration, metadata', zip(t1_configurations, t1_configuration_metadata), ids=t1_case_ids)
+def test_enabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration,
+ configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function):
+ evm.check_eps_enabled(metadata['maximum'], metadata['timeframe'])
+
+ # Check that wazuh-analysisd is running
+ assert check_if_daemons_are_running(['wazuh-analysisd'])[0], 'wazuh-analysisd is not running. Maybe it has crashed'
+
+
+@pytest.mark.tier(level=0)
+@pytest.mark.parametrize('configuration, metadata', zip(t2_configurations, t2_configuration_metadata), ids=t2_case_ids)
+def test_disabled(configuration, metadata, load_wazuh_basic_configuration, set_wazuh_configuration,
+ configure_local_internal_options_module, truncate_monitored_files, restart_wazuh_daemon_function):
+ evm.check_eps_disabled()
+
+ # Check that wazuh-analysisd is running
+ assert check_if_daemons_are_running(['wazuh-analysisd'])[0], 'wazuh-analysisd is not running. Maybe it has crashed'
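Review bot: `TEST_CASES_PATH` joins `'test_cases', 'basic_test_module'`, but the case files this commit edits sit directly under `data/test_cases/` (`cases_enabled.yaml`, `cases_disabled.yaml`), so both `get_test_cases_data(...)` calls would look for files the visible diff does not create. Both calls run at import time, so a missing file would break collection of the whole module instead of failing a single test. Unless the files are moved in a change not shown here, use `TEST_CASES_PATH = os.path.join(TEST_DATA_PATH, 'test_cases')`. Separately, `configurations_path` would read better as `t1_configurations_path` to match `t2_configurations_path`, and each test function should get a one-line docstring naming what `check_eps_enabled` / `check_eps_disabled` wait for.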