add: Add callbacks module to the vuln detector lib #2462

wazuh · Jan 24, 2022 · d613a94 · d613a94
1 parent 1a437c6
commit d613a94
Show file tree

Hide file tree

Showing 2 changed files with 47 additions and 21 deletions.
diff --git a/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/callbacks.py b/deps/wazuh_testing/wazuh_testing/modules/vulnerability_detector/callbacks.py
@@ -0,0 +1,47 @@
+import re
+
+from wazuh_testing.modules.vulnerability_detector import VULNERABILITY_DETECTOR_PREFIX
+
+
+def make_vuln_callback(pattern, prefix=VULNERABILITY_DETECTOR_PREFIX):
+ """Create a callback function from a text pattern.
+
+ It already contains the vulnerability-detector prefix.
+
+ Args:
+ pattern (str): String to match on the log.
+ prefix (str): regular expression used as prefix before the pattern.
+
+ Returns:
+ lambda: function that returns if there's a match in the file
+
+ Examples:
+ >>> callback_bionic_update_started = make_vuln_callback("Starting Ubuntu Bionic database update")
+ """
+ pattern = r'\s+'.join(pattern.split())
+ regex = re.compile(r'{}{}'.format(prefix, pattern))
+
+ return lambda line: regex.match(line) is not None
+
+
+def callback_detect_vulnerability_scan_sleeping(line):
+ msg = rf"{VULNERABILITY_DETECTOR_PREFIX} Sleeping for (.*)..."
+ match = re.match(msg, line)
+
+ return match.group(1) if match is not None else ""
+
+
+def callback_detect_vulnerability_detector_disabled(line):
+ msg = rf"{VULNERABILITY_DETECTOR_PREFIX}DEBUG: Module disabled. Exiting..."
+ match = re.match(msg, line)
+
+ return match is not None
+
+
+def callback_detect_vulnerability_detector_enabled(line):
+ msg = r'(.*)wazuh-modulesd:vulnerability-detector(.*)'
+ match1 = re.match(msg, line)
+ msg = r'(.*)DEBUG: Module disabled. Exiting...(.*)'
+ match2 = re.match(msg, line)
+
+ return match1 is not None and match2 is None
diff --git a/deps/wazuh_testing/wazuh_testing/vulnerability_detector.py b/deps/wazuh_testing/wazuh_testing/vulnerability_detector.py
@@ -57,27 +57,6 @@ def magic(*args, **kwargs):
  return magic
 
 
-def callback_detect_vulnerability_scan_sleeping(line):
- msg = rf"{VULNERABILITY_DETECTOR_PREFIX} Sleeping for (.*)..."
- match = re.match(msg, line)
-
- return match.group(1) if match is not None else ""
-
-
-def callback_detect_vulnerability_detector_disabled(line):
- msg = rf"{VULNERABILITY_DETECTOR_PREFIX}DEBUG: Module disabled. Exiting..."
- match = re.match(msg, line)
-
- return match is not None
-
-
-def callback_detect_vulnerability_detector_enabled(line):
- msg = r'(.*)wazuh-modulesd:vulnerability-detector(.*)'
- match1 = re.match(msg, line)
- msg = r'(.*)DEBUG: Module disabled. Exiting...(.*)'
- match2 = re.match(msg, line)
-
- return match1 is not None and match2 is None
 
 
 def make_vuln_callback(pattern, prefix=VULNERABILITY_DETECTOR_PREFIX):