Merge pull request #2478 from wazuh/2353-refactor-registry-file-limit

IT FIM- Refactor Registry file limit tests

deps/wazuh_testing/wazuh_testing/fim_module/fim_variables.py

@@ -13,52 +13,58 @@
 # Variables
 SIZE_LIMIT_CONFIGURED_VALUE = 10 * 1024
 
-# Key variables
+# Key Variables
 WINDOWS_HKEY_LOCAL_MACHINE = 'HKEY_LOCAL_MACHINE'
 MONITORED_KEY = 'SOFTWARE\\random_key'
 MONITORED_KEY_2 = "SOFTWARE\\Classes\\random_key_2"
 WINDOWS_REGISTRY = 'WINDOWS_REGISTRY'
 
 
-# Value key
+# Value Key
 SYNC_INTERVAL = 'SYNC_INTERVAL'
 SYNC_INTERVAL_VALUE = MAX_EVENTS_VALUE = 20
 
 
-# Folders variables
+# Folder Variables
 TEST_DIR_1 = 'testdir1'
 TEST_DIRECTORIES = 'TEST_DIRECTORIES'
 TEST_REGISTRIES = 'TEST_REGISTRIES'
 
 
-# Syscheck attributes
+# Syscheck Attributes
 REPORT_CHANGES = 'report_changes'
 DIFF_SIZE_LIMIT = 'diff_size_limit'
 FILE_SIZE_ENABLED = 'FILE_SIZE_ENABLED'
 FILE_SIZE_LIMIT = 'FILE_SIZE_LIMIT'
 DISK_QUOTA_ENABLED = 'DISK_QUOTA_ENABLED'
 DISK_QUOTA_LIMIT = 'DISK_QUOTA_LIMIT'
 
-# Syscheck values
+# Syscheck Values
 DIFF_LIMIT_VALUE = 2
 DIFF_DEFAULT_LIMIT_VALUE = 51200
 
 
-# FIM modules
+# FIM Modes
 SCHEDULE_MODE = 'scheduled'
 
 # Yaml Configuration
 YAML_CONF_REGISTRY_RESPONSE = 'wazuh_conf_registry_responses_win32.yaml'
 YAML_CONF_SYNC_WIN32 = 'wazuh_sync_conf_win32.yaml'
 YAML_CONF_DIFF = 'wazuh_conf_diff.yaml'
 
-# Synchronization options
+# Synchronization Options
 SYNCHRONIZATION_ENABLED = 'SYNCHRONIZATION_ENABLED'
 SYNCHRONIZATION_REGISTRY_ENABLED = 'SYNCHRONIZATION_REGISTRY_ENABLED'
 
-# Callbacks message
+# Callback Messages
 CB_INTEGRITY_CONTROL_MESSAGE = r'.*Sending integrity control message: (.+)$'
 CB_REGISTRY_DBSYNC_NO_DATA = r'.*#!-fim_registry dbsync no_data (.+)'
+CB_FILE_LIMIT_CAPACITY = r".*Sending DB (\d+)% full alert."
+CB_FILE_LIMIT_BACK_TO_NORMAL = r".*(Sending DB back to normal alert)."
+CB_COUNT_REGISTRY_FIM_ENTRIES = r".*Fim registry entries: (\d+)"
+CB_DATABASE_FULL_COULD_NOT_INSERT = r".*Couldn't insert '.*' (value )?entry into DB\. The DB is full.*"
+CB_FILE_LIMIT_VALUE = r".*Maximum number of entries to be monitored: '(\d+)'"
+CB_FILE_SIZE_LIMIT_BIGGER_THAN_DISK_QUOTA = r".*Setting 'disk_quota' to (\d+), 'disk_quota' must be greater than 'file_size'"
 CB_MAXIMUM_FILE_SIZE = r'.*Maximum file size limit to generate diff information configured to \'(\d+) KB\'.*'
 CB_FILE_LIMIT_CAPACITY = r".*Sending DB (\d+)% full alert."
 CB_FILE_LIMIT_BACK_TO_NORMAL = r".*(Sending DB back to normal alert)."
@@ -70,8 +76,6 @@
 
 
 #Error Messages
-ERR_MSG_MAXIMUM_FILE_SIZE = 'Did not receive expected "Maximum file size limit configured to \'... KB\'..." event'
-ERR_MSG_WRONG_VALUE_MAXIMUM_FILE_SIZE = 'Wrong value for diff_size_limit' 
 ERR_MSG_DATABASE_PERCENTAGE_FULL_ALERT = 'Did not receive expected "DEBUG: ...: Sending DB ...% full alert." event'
 ERR_MSG_FIM_INODE_ENTRIES = 'Did not receive expected "Fim inode entries: ..., path count: ..." event'
 ERR_MSG_DB_BACK_TO_NORMAL = 'Did not receive expected "DEBUG: ...: Sending DB back to normal alert." event'
@@ -86,3 +90,4 @@
 ERR_MSG_CONTENT_CHANGES_EMPTY = "content_changes is empty"
 ERR_MSG_CONTENT_CHANGES_NOT_EMPTY = "content_changes isn't empty"
 ERR_MSG_MAXIMUM_FILE_SIZE = 'Did not receive expected "Maximum file size limit configured to \'... KB\'..." event'
+ERR_MSG_WRONG_VALUE_MAXIMUM_FILE_SIZE = 'Wrong value for diff_size_limit'

tests/integration/test_fim/test_registry/test_registry_file_limit/test_registry_limit_full.py

@@ -44,7 +44,7 @@
 
 pytest_args:
  - fim_mode:
- scheduled:
+ scheduled: file/registry changes are monitored only at the configured interval
  - tier:
  0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
  1: Only level 1 tests are performed, they check functionalities of medium complexity.
@@ -173,4 +173,4 @@ def test_file_limit_full(get_configuration, configure_environment, restart_sysch
  callback=generate_monitoring_callback(CB_COUNT_REGISTRY_FIM_ENTRIES),
  error_message=ERR_MSG_FIM_INODE_ENTRIES).result()
 
- assert entries == str(get_configuration['metadata']['file_limit']), ERR_MSG_WRONG_NUMBER_OF_ENTRIES
+ assert entries == str(get_configuration['metadata']['file_limit']), ERR_MSG_WRONG_NUMBER_OF_ENTRIES

tests/integration/test_fim/test_registry/test_registry_report_changes/test_disk_quota/test_registry_disk_quota_bigger_file_limit.py

@@ -200,6 +200,6 @@ def report_changes_validator_diff(event):
  registry_value_update(key, subkey, wazuh_log_monitor, arch=arch, value_list=values, wait_for_scan=True,
  scan_delay=scan_delay, min_timeout=global_parameters.default_timeout, triggers_event=True,
  validators_after_update=[test_callback])
- # Delete the vaue created to clean up enviroment
+ # Delete the value created to clean up enviroment
  registry_value_delete(key, subkey, wazuh_log_monitor, arch=arch, value_list=values, wait_for_scan=True,
  scan_delay=scan_delay, min_timeout=global_parameters.default_timeout, triggers_event=True)

tests/integration/test_fim/test_registry/test_registry_report_changes/test_registry_diff_size_limit_values.py

@@ -77,7 +77,6 @@
  os.path.join(WINDOWS_HKEY_LOCAL_MACHINE, MONITORED_KEY_2)]
 test_data_path = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
 wazuh_log_monitor = FileMonitor(LOG_FILE_PATH)
-size_limit_configured = SIZE_LIMIT_CONFIGURED_VALUE
 scan_delay = 2
 
 # Configurations
@@ -176,7 +175,7 @@ def report_changes_validator_diff(event):
  assert os.path.exists(diff_file), '{diff_file} does not exist'
  assert event['data'].get('content_changes') is not None, ERR_MSG_CONTENT_CHANGES_EMPTY
 
- if size > size_limit_configured:
+ if size > SIZE_LIMIT_CONFIGURED_VALUE:
  callback_test = report_changes_validator_no_diff
  else:
  callback_test = report_changes_validator_diff