Migrate test_configuration (1/2) of test_logcollector documentation to qa-docs
#2163
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
50 tasks
1 task
…migrate-doc-logc-configuration-1
added 2 commits
January 7, 2022 13:24
…migrate-doc-logc-configuration-1
QA-docs execution
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
As part of epic #1796, this PR adds the missing documentation and migrates the current documentation to the new format used by qa-docs.
The schema used is the one defined in issue #1694
New tags
The following tags are added to the wiki:
logcollector_configurationGenerated documentation
test_basic_configuration_age.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the logcollector detects invalid values for the 'age' tag and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#age" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_age.py", "id": 1, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon detects invalid configurations for the 'age' tag. For this purpose, the test will set a 'localfile' section using valid/invalid values for that tag. Then, it will check if the 'analyzing' event is triggered when using a valid value, or if an error event is generated when using an invalid one. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } } ], "assertions": [ "Verify that the logcollector generates error events when using invalid values for the 'age' tag.", "Verify that the logcollector generates 'analyzing' events when using valid values for the 'age' tag.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_age) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ "r'Analyzing file.*'", "r'Invalid .* for localfile'", "r'Configuration error at .*'" ], "tags": [ "invalid_settings" ], "name": "test_configuration_age", "inputs": [ "/tmp/testing.txt_syslog_3s", "/tmp/testing.txt_syslog_4000s", "/tmp/testing.txt_syslog_5m", "/tmp/testing.txt_syslog_99h", "/tmp/testing.txt_syslog_94201d", "/tmp/testing.txt_syslog_44sTesting", "/tmp/testing.txt_syslog_Testing44s", "/tmp/testing.txt_syslog_9hTesting", "/tmp/testing.txt_syslog_400mTesting", "/tmp/testing.txt_syslog_3992", "/tmp/testing.txt_syslog_Testing" ] } ] }test_basic_configuration_age.yaml
test_basic_configuration_alias.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the log collector generates events using the alias specified in the 'alias' tag when monitoring a command, and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#alias" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_alias.py", "id": 2, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon changes a command name in the log messages by the one defined in the 'alias' tag. For this purpose, the test will monitor a command using an alias. Then, it will verify that the 'reading command' event is generated. This event includes the output of the command executed and its alias. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_local_internal_options": { "type": "fixture", "brief": "Get local internal options from the module." } }, { "configure_local_internal_options": { "type": "fixture", "brief": "Configure the Wazuh local internal options." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_logcollector": { "type": "fixture", "brief": "Clear the 'ossec.log' file and start a new monitor." } } ], "assertions": [ "Verify that the logcollector monitors a command with an assigned alias.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_alias) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with two test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ "r'Reading command message.*'" ], "tags": [ "logs" ], "name": "test_configuration_alias", "inputs": [ "command_ps -aux_alias", "full_command_ps -aux_alias2" ] } ] }test_basic_configuration_alias.yaml
test_basic_configuration_command.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if monitored commands that use several parameters are correctly executed by the logcollector, and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#command", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#alias", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#log-format" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_command.py", "id": 3, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon can monitor commands that use multiple parameters. For this purpose, the test will configure the logcollector to monitor a command, setting it in the 'command' tag. Once the logcollector has started, it will check if the 'monitoring' event, indicating that the command is being monitored, has been generated. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_local_internal_options": { "type": "fixture", "brief": "Get local internal options from the module." } }, { "configure_local_internal_options": { "type": "fixture", "brief": "Configure the Wazuh local internal options." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_logcollector": { "type": "fixture", "brief": "Clear the 'ossec.log' file and start a new monitor." } } ], "assertions": [ "Verify that the logcollector monitors the command specified in the 'command' tag.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_location) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ { "r'INFO": "Monitoring .* of command.*'" } ], "tags": [ "logs" ], "name": "test_configuration_command", "inputs": [ "command_echo Testing", "command_df -P", "command_find / -type f -perm 4000", "command_ls /tmp/*", "command_/tmp/script/my_script -a 1 -v 2 -b 3 -g 444 -k Testing", "full_command_echo Testing", "full_command_df -P", "full_command_find / -type f -perm 4000", "full_command_ls /tmp/*", "full_command_/tmp/script/my_script -a 1 -v 2 -b 3 -g 444 -k Testing" ] } ] }test_basic_configuration_command.yaml
test_basic_configuration_exclude.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the Wazuh component (agent or manager) starts when the 'exclude' tag is set in the configuration, and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#exclude" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_exclude.py", "id": 4, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon starts properly when the 'exclude' tag is used. For this purpose, the test will configure the logcollector to monitor a 'syslog' directory and exclude log files by setting a wildcard in the 'exclude' tag. Finally, the test will verify that the Wazuh component is started by checking its process, and the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_logcollector": { "type": "fixture", "brief": "Clear the 'ossec.log' file and start a new monitor." } } ], "assertions": [ "Verify that the Wazuh component (agent or manager) can start when the 'exclude' tag is used.", "Verify that the Wazuh API returns the same value for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_exclude) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ "Boolean values to indicate the state of the Wazuh component." ], "name": "test_configuration_exclude", "inputs": [ "syslog_/tmp/testing/*_/tmp/testing/file.txt", "syslog_/tmp/testing/*_/tmp/testing/f*", "syslog_/tmp/testing/*_/tmp/testing/*g", "syslog_/tmp/testing/*_/tmp/testing/file?.txt", "syslog_/tmp/testing/*_/tmp/testing/file.log-%Y-%m-%d" ] } ] }test_basic_configuration_exclude.yaml
test_basic_configuration_frequency.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the logcollector detects invalid values for the 'frequency' tag and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#frequency" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_frequency.py", "id": 5, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon detects invalid configurations for the 'frequency' tag. For this purpose, the test will set a 'localfile' section using valid/invalid values for that tag. Then, it will check if the 'monitoring' event is triggered when using a valid value, or if an error event is generated when using an invalid one. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_local_internal_options": { "type": "fixture", "brief": "Get local internal options from the module." } }, { "configure_local_internal_options": { "type": "fixture", "brief": "Configure the Wazuh local internal options." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } } ], "assertions": [ "Verify that the logcollector generates error events when using invalid values for the 'frequency' tag.", "Verify that the logcollector generates 'monitoring' events when using valid values for the 'frequency' tag.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_frequency) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ { "r'INFO": "Monitoring .* of command.*'" }, "r'Invalid value for element .*'", "r'Configuration error at .*'" ], "tags": [ "invalid_settings" ], "name": "test_configuration_frequency", "inputs": [ "command_ps -aux_3", "command_ps -aux_10", "command_ps -aux_100000", "command_ps -aux_3s", "command_ps -aux_Testing", "command_ps -aux_3Testing", "command_ps -aux_3s5m", "command_ps -aux_Testing3", "full_command_ps -aux_3", "full_command_ps -aux_10", "full_command_ps -aux_100000", "full_command_ps -aux_3s", "full_command_ps -aux_Testing", "full_command_ps -aux_3Testing", "full_command_ps -aux_3s5m", "full_command_ps -aux_Testing3" ] } ] }test_basic_configuration_frequency.yaml
test_basic_configuration_ignore_binaries.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the logcollector detects invalid values for the 'ignore_binaries' tag and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#ignore_binaries" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_ignore_binaries.py", "id": 6, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon detects invalid configurations for the 'ignore_binaries' tag. For this purpose, the test will set a 'localfile' section using valid/invalid values for that tag. Then, it will check if an error event is generated when using an invalid value. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } } ], "assertions": [ "Verify that the logcollector generates error events when using invalid values for the 'ignore_binaries' tag.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_ignore_binaries) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ "r'Invalid value for element .*'", "r'Configuration error at .*'" ], "tags": [ "invalid_settings" ], "name": "test_ignore_binaries", "inputs": [ "/tmp/testing/files*_syslog_yes", "/tmp/testing/files*_syslog_no", "/tmp/testing/files*_syslog_yesTesting", "/tmp/testing/files*_syslog_noTesting", "/tmp/testing/files*_syslog_testingvalue", "/tmp/testing/files*_syslog_1234" ] } ] }test_basic_configuration_ignore_binaries.yaml
test_basic_configuration_label.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "The 'wazuh-logcollector' daemon monitors configured files and commands for new log messages. Specifically, these tests will check if the Wazuh component (agent or manager) starts when the 'label' tag is set in the configuration, and the Wazuh API returns the same values for the configured 'localfile' section. Log data collection is the real-time process of making sense out of the records generated by servers or devices. This component can receive logs through text files or Windows event logs. It can also directly receive logs via remote syslog which is useful for firewalls and other such devices.", "tier": 0, "modules": [ "logcollector" ], "components": [ "agent", "manager" ], "daemons": [ "wazuh-logcollector", "wazuh-apid" ], "os_platform": [ "linux", "windows" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6", "Windows 10", "Windows 8", "Windows 7", "Windows Server 2019", "Windows Server 2016", "Windows Server 2012", "Windows Server 2003", "Windows XP" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/localfile.html#label" ], "tags": [ "logcollector_configuration" ], "name": "test_basic_configuration_label.py", "id": 7, "group_id": 0, "tests": [ { "description": "Check if the 'wazuh-logcollector' daemon can monitor log files configured to use labels. For this purpose, the test will configure the logcollector to use labels, setting them in the label 'tag'. Once the logcollector has started, it will check if the 'analyzing' event, indicating that the testing log file is being monitored, has been generated. Finally, the test will verify that the Wazuh API returns the same values for the 'localfile' section that the configured one.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_logcollector": { "type": "fixture", "brief": "Clear the 'ossec.log' file and start a new monitor." } } ], "assertions": [ "Verify that the logcollector monitors files when using the 'label' tag.", "Verify that the Wazuh API returns the same values for the 'localfile' section as the configured one." ], "input_description": "A configuration template (test_basic_configuration_label) is contained in an external YAML file (wazuh_basic_configuration.yaml). That template is combined with different test cases defined in the module. Those include configuration settings for the 'wazuh-logcollector' daemon.", "expected_output": [ "r'Analyzing file.*'" ], "tags": [ "invalid_settings", "logs" ], "name": "test_configuration_label", "inputs": [ "/tmp/testing.txt_myapp_@source", "/tmp/testing.txt_myapp_agent.type", "/tmp/testing.txt_myapp_agent.location", "/tmp/testing.txt_myapp_agent.idgroup", "/tmp/testing.txt_myapp_group.groupnname", "/tmp/testing.txt_myapp_109304", "/tmp/testing.txt_myapp_TestingTagNames", "/tmp/testing.txt_myapp_?\\xbfatag_tname" ] } ] }test_basic_configuration_label.yaml
Tests
pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.python3 DocGenerator.py -s