FIM System tests: Test actions and implement first scenario

tests/system/fim/common_tasks/create_files.yml

@@ -0,0 +1,42 @@
+---
+- block:
+ - name: Run script generate_files.py on agents | Linux
+ script: "generate_files.py -c {{ files_config_linux_destination_path }} -o {{ files_generated_output_path }}"
+ args:
+ executable: "python3"
+ chdir: "{{ agents_linux_output_path }}"
+
+ - name: Copy list of created files from Agents to Ansible Controller host | Linux
+ fetch:
+ src: "{{ agents_linux_output_path }}/{{ files_generated_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_generated_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ become: yes
+ when:
+ - inventory_hostname in groups['linuxagents']
+
+
+- block:
+ - name: Run script generate_files.py on agents | Windows
+ script: "generate_files.py -c {{ files_config_windows_destination_path }} -o {{ files_generated_output_path }}"
+ args:
+ executable: "python"
+ chdir: "{{ agents_windows_output_path }}"
+
+ - name: Copy list of created files from Windows Agents to Ansible Controller host | Windows
+ fetch:
+ src: "{{ agents_windows_output_path }}/{{ files_generated_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_generated_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ when:
+ - inventory_hostname in groups['windowsagents']
+
+- name: Copy the output files from Ansible Controller to the Managers
+ become: true
+ synchronize:
+ src: "agents_outputs/added/"
+ dest: "{{ agents_results_manager_path }}/{{ event }}/"
+ when:
+ - inventory_hostname in groups['masters']

tests/system/fim/common_tasks/delete_files.py

@@ -15,14 +15,18 @@
 
 def delete_files(input_file_path, n, output_file_path):
  """
- Delete files, given a file with complete list of files where each line 
+ Delete files, given a file with complete list of files where each line
  represents a file path, we will randomly delete n files of them.
 
  :param str input_file_path: path of the input file which contains the list of files.
  :param int n: number of file to delete.
  :return: Returns a file with the list of the deleted files.
  """
- logger = logging.getLogger()
+ log_filename = 'delete_files.log'
+ logging.basicConfig(
+ filename=log_filename,
+ level=logging.DEBUG,
+ )
  data = []
  # Read data into the variable 'data'
  try:
@@ -31,31 +35,31 @@ def delete_files(input_file_path, n, output_file_path):
  data_ = f.readlines()
  # remove whitespace characters like `\n` at the end of each line
  data = [x.strip() for x in data_]
- f.close() # close f
- except Exception as e:
- logger.error('Failed when reading the input file: ', exc_info=True)
+ f.close()  # close f
+ except Exception:
+ logging.error('Failed when reading the input file: ', exc_info=True)
 
-
- if n is not None: # Randomly select n paths from data
- to_delete = random.sample(data,n)
- else: # Delete all files
+ if n is not None: # Randomly select n paths from data
+ to_delete = random.sample(data, n)
+ else: # Delete all files
  to_delete = data
 
  # Delete the selected files
  try:
  for path in to_delete:
  os.remove(path)
- except Exception as e:
- logger.error('Failed when deleting the selected files: ', exc_info=True)
+ except Exception:
+ logging.error('Failed when deleting the selected files: ', exc_info=True)
 
  # Write the list of the deleted files into output_file_path
  try:
  with open(output_file_path, 'w') as f:
  for item in to_delete:
  f.write("%s\n" % item)
  f.close()
- except Exception as e:
- logger.error('Failed when writing to the output file: ', exc_info=True)
+ except Exception:
+ logging.error('Failed when writing to the output file: ', exc_info=True)
+
 
 def main():
  parser = argparse.ArgumentParser()
@@ -72,5 +76,6 @@ def main():
 
  delete_files(args.input_file, args.n_files, args.output_file)
 
+
 if __name__ == '__main__':
- main()
+ main()

tests/system/fim/common_tasks/delete_files.yml

@@ -0,0 +1,43 @@
+---
+- block:
+ - name: "Delete FIM test files at Wazuh Agents | Linux"
+ script: "delete_files.py -i {{ files_generated_output_path }} -o {{ files_deleted_output_path }}"
+ args:
+ executable: "python3"
+ chdir: "{{ agents_linux_output_path }}"
+
+ - name: Copy list of deleted files from Agents to Ansible Controller host | Linux
+ fetch:
+ src: "{{ agents_linux_output_path }}/{{ files_deleted_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_deleted_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ become: yes
+ when:
+ - inventory_hostname in groups['linuxagents']
+
+
+- block:
+ - name: "Delete FIM test files at Wazuh Agents | Windows"
+ script: "delete_files.py -i {{ files_generated_output_path }} -o {{ files_deleted_output_path }}"
+ args:
+ executable: "python"
+ chdir: "{{ agents_windows_output_path }}"
+
+ - name: Copy list of deleted files from Windows Agents to Ansible Controller host
+ fetch:
+ src: "{{ agents_windows_output_path }}/{{ files_deleted_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_deleted_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ when:
+ - inventory_hostname in groups['windowsagents']
+
+
+- name: Copy the output files from Ansible Controller to the Managers
+ become: true
+ synchronize:
+ src: "agents_outputs/added/"
+ dest: "{{ agents_results_manager_path }}/{{ event }}/"
+ when:
+ - inventory_hostname in groups['masters']

tests/system/fim/common_tasks/files_configuration.json.jinja

@@ -0,0 +1,12 @@
+{
+ "root_folder": "{{ agents_fim_testing_path }}",
+ "recursion_level": 3,
+ "folder_length": 5,
+ "file_length": 5,
+ "file_size_specifications":[
+ { "size": 10240, "amount": 4000},
+ { "size": 524288, "amount": 500},
+ { "size": 1048576, "amount": 500},
+ { "size": 10485760, "amount": 10}
+ ]
+}

tests/system/fim/common_tasks/files_generator.py → tests/system/fim/common_tasks/generate_files.py

@@ -12,6 +12,7 @@
 import json
 import random
 import string
+import secrets
 import argparse
 
 
@@ -118,7 +119,13 @@ def create_files(files_path):
  """
  for key, value in files_path.items():
  with open(key, "wb") as f:
- f.write(b'0'*value)
+ if value > 1048576:
+ nval = value // 1048576
+ for val in range(nval):
+ f.write(b'0' * 1048576)
+ else:
+ f.write(b'0' * value)
+ f.write(secrets.token_bytes(32))
 
 
 def create_file_summary(files_path, logfile):
@@ -132,7 +139,7 @@ def create_file_summary(files_path, logfile):
  os.remove(logfile)
  with open(logfile, 'w') as f:
  for path in files_path:
- f.write(path+'\n')
+ f.write(path + '\n')
 
 
 def main():
@@ -146,10 +153,10 @@ def main():
  output_file = args.output_list
  config = parse_files_configuration(config_file)
  folders = generate_folders_paths(
-  config["root_folder"],
-  config["recursion_level"],
-  config["folder_length"]
-  )
+ config["root_folder"],
+ config["recursion_level"],
+ config["folder_length"]
+ )
  create_folders(folders)
  n_files = sum(x['amount'] for x in config['file_size_specifications'])
  files = generate_files_paths(folders, n_files, config["file_length"])

tests/system/fim/common_tasks/files_modify.py → tests/system/fim/common_tasks/modify_files.py

@@ -12,6 +12,8 @@
 import sys
 import random
 import platform
+import argparse
+import logging
 if platform.system() == 'Linux':
  import pwd
  import grp
@@ -51,7 +53,7 @@ def modify_file(filepath, owner, group, mode):
  'uid': uid,
  'gid': gid,
  'mode': oct(mode).split('o')[1].zfill(3) # convert to octal string
-  }
+ }
 
 
 def modify_file_content(filepath):
@@ -60,22 +62,63 @@ def modify_file_content(filepath):
 
  :param str filepath: The path of the file to modify
  """
- content = 'qazxswedcvbnmklpoiuytggdfert'*random.randint(1, 10)
+ content = 'qazxswedcvbnmklpoiuytggdfert' * random.randint(1, 10)
  content += str(random.random())
+ if not os.path.exists(filepath):
+ raise FileNotFoundError
  with open(filepath, 'ab') as f:
  f.write(bytes(content, 'utf8'))
 
 
+def log_modified_files(files_path, logfile):
+ """
+ Creates a file that summarizes all the modified files
+
+ :param dict files_path: Contains the list of modified files
+ :param str logfile: File to write the list of paths
+ """
+ if os.path.exists(logfile):
+ os.remove(logfile)
+ with open(logfile, 'w') as f:
+ for path in files_path:
+ f.write(path + '\n')
+
+
 def main():
- import argparse
+ log_filename = 'modify_files.log'
+ logging.basicConfig(
+ filename=log_filename,
+ level=logging.DEBUG,
+ )
  parser = argparse.ArgumentParser()
- parser.add_argument("-i", "--input-list", type=str, required=True, dest='input_file',
+ parser.add_argument("-i", "--input-list", type=str,
+ required=True, dest='input_file',
  help="File containing the list of files to modify")
+ parser.add_argument("-o", "--output-list", type=str,
+ required=True, dest='output_file',
+ help="File containing the list of modified files")
  args = parser.parse_args()
+
  input_file = args.input_file
+ output_file = args.output_file
+
+ changed_files = []
+
  with open(input_file) as flist:
  for path in flist:
- modify_file_content(path[:-1])
+ try:
+ modify_file_content(path[:-1])
+ changed_files.append(path[:-1])
+ except PermissionError:
+ logging.error("Not enough permissions to modify: {}".format(path[:-1]))
+ continue
+ except FileNotFoundError:
+ logging.error("File not found: {}".format(path[:-1]))
+ continue
+ except Exception:
+ logging.error("Unexpected error: ", exc_info=True)
+ continue
+ log_modified_files(changed_files, output_file)
 
 
 if __name__ == "__main__":

tests/system/fim/common_tasks/modify_files.yml

@@ -0,0 +1,42 @@
+---
+- block:
+ - name: "Modify FIM test files at Wazuh Managers | Linux"
+ script: "modify_files.py -i {{ files_generated_output_path }} -o {{ files_modified_output_path }}"
+ args:
+ executable: "python3"
+ chdir: "{{ agents_linux_output_path }}"
+
+ - name: Copy list of modified files from Agents to Ansible Controller host | Linux
+ fetch:
+ src: "{{ agents_linux_output_path }}/{{ files_modified_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_modified_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ become: yes
+ when:
+ - inventory_hostname in groups['linuxagents']
+
+
+- block:
+ - name: "Modify FIM test files at Wazuh Managers | Windows"
+ script: "modify_files.py -i {{ files_generated_output_path }} -o {{ files_modified_output_path }}"
+ args:
+ executable: "python"
+ chdir: "{{ agents_windows_output_path }}"
+
+ - name: Copy list of modified files from Agents to Ansible Controller host | Windows
+ fetch:
+ src: "{{ agents_windows_output_path }}/{{ files_generated_output_path }}"
+ dest: "agents_outputs/{{ event }}/{{ files_modified_output_path }}-{{ inventory_hostname }}"
+ flat: yes
+
+ when:
+ - inventory_hostname in groups['windowsagents']
+
+- name: Copy the output files from Ansible Controller to the Managers
+ become: true
+ synchronize:
+ src: "agents_outputs/modified/"
+ dest: "{{ agents_results_manager_path }}/{{ event }}/"
+ when:
+ - inventory_hostname in groups['masters']