Skip to content

Commit 26c0b36

Browse files
spanchal-crestspanchal-crest
committed
chore: ADDON-80802 Fixed the unit test case
1 parent dc1ca8e commit 26c0b36

File tree

5 files changed

+134
-110
lines changed

5 files changed

+134
-110
lines changed

pytest_splunk_addon/event_ingestors/hec_event_ingestor.py

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,8 @@ def ingest(self, events, thread_count):
6060
"sourcetype": "sample_HEC",
6161
"source": "sample_source",
6262
"host": "sample_host",
63-
"event": "event_str"
63+
"event": "event_str",
64+
"fields": {"unique_identifier": "uuid"}
6465
}
6566
6667
The format of dictionary for ingesting a batch of events::
@@ -70,13 +71,15 @@ def ingest(self, events, thread_count):
7071
"sourcetype": "sample_HEC",
7172
"source": "sample_source",
7273
"host": "sample_host",
73-
"event": "event_str1"
74+
"event": "event_str1",
75+
"fields": {"unique_identifier": "uuid"}
7476
},
7577
{
7678
"sourcetype": "sample_HEC",
7779
"source": "sample_source",
7880
"host": "sample_host",
79-
"event": "event_str2"
81+
"event": "event_str2",
82+
"fields": {"unique_identifier": "uuid"}
8083
},
8184
]
8285
@@ -92,7 +95,7 @@ def ingest(self, events, thread_count):
9295
"source": event.metadata.get("source", "pytest_splunk_addon:hec:event"),
9396
"event": event.event,
9497
"index": event.metadata.get("index", "main"),
95-
"fields": {"unique_identifier": event.unique_identifier}
98+
"fields": {"unique_identifier": event.unique_identifier},
9699
}
97100

98101
if event.metadata.get("host_type") in ("plugin", None):

pytest_splunk_addon/fields_tests/test_templates.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -189,7 +189,7 @@ def test_requirements_fields(
189189
if param_value is not None:
190190
basic_search += f" {param}={param_value}"
191191

192-
search = f"search {index_list} {basic_search} unique_identifier=\"{unique_identifier}\" | fields *"
192+
search = f'search {index_list} {basic_search} unique_identifier="{unique_identifier}" | fields *'
193193

194194
self.logger.info(f"Executing the search query: {search}")
195195

tests/unit/tests_standard_lib/test_event_ingestors/conftest.py

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
@dataclass()
77
class SampleEvent:
88
event: str
9+
unique_identifier: str
910
metadata: dict
1011
sample_name: str
1112
key_fields: dict = None
@@ -17,6 +18,7 @@ def modinput_events():
1718
return [
1819
SampleEvent(
1920
event="test_modinput_1 host=modinput_host_event_time_plugin.samples_1",
21+
unique_identifier="uuid",
2022
key_fields={"host": ["modinput_host_event_time_plugin.samples_1"]},
2123
metadata={
2224
"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin",
@@ -33,6 +35,7 @@ def modinput_events():
3335
),
3436
SampleEvent(
3537
event="test_modinput_2 host=modinput_host_event_time_plugin.samples_2",
38+
unique_identifier="uuid",
3639
key_fields={"host": ["modinput_host_event_time_plugin.samples_2"]},
3740
metadata={
3841
"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin",
@@ -49,6 +52,7 @@ def modinput_events():
4952
),
5053
SampleEvent(
5154
event="fake event nothing happened",
55+
unique_identifier="uuid",
5256
key_fields={},
5357
metadata={
5458
"host_type": "plugin",
@@ -73,18 +77,21 @@ def modinput_posts_sent():
7377
'"source": "pytest-splunk-addon:modinput", '
7478
'"event": "test_modinput_1 host=modinput_host_event_time_plugin.samples_1", '
7579
'"index": "main", '
80+
'"fields": {"unique_identifier": "uuid"}, '
7681
'"host": "modinput_host_event_time_plugin.samples_1"'
7782
"}, {"
7883
'"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin", '
7984
'"source": "pytest-splunk-addon:modinput", '
8085
'"event": "test_modinput_2 host=modinput_host_event_time_plugin.samples_2", '
8186
'"index": "main", '
87+
'"fields": {"unique_identifier": "uuid"}, '
8288
'"host": "modinput_host_event_time_plugin.samples_2"'
8389
"}, {"
8490
'"sourcetype": "pytest_splunk_addon", '
8591
'"source": "pytest_splunk_addon:hec:event", '
8692
'"event": "fake event nothing happened", '
8793
'"index": "fake_index", '
94+
'"fields": {"unique_identifier": "uuid"}, '
8895
'"host": "fake host", '
8996
'"time": 1234.5678'
9097
"}]",
@@ -98,6 +105,7 @@ def file_monitor_events():
98105
SampleEvent(
99106
event="host=test-host-file_monitor_host_prefix.sample-2 Test for host_prefix file_monitor"
100107
"host=test-host-file_monitor_host_prefix.sample-4 Test for host_prefix file_monitor",
108+
unique_identifier="uuid",
101109
metadata={
102110
"interval": "60",
103111
"earliest": "-60s",
@@ -118,6 +126,7 @@ def file_monitor_events():
118126
SampleEvent(
119127
event="test_failing_1 src=10.1.0.81 dest_ip=10.100.0.91 src_port=4889 dest_port=21 "
120128
"dvc=172.16.22.73 user=user297 test_list_all=a [email protected]",
129+
unique_identifier="uuid",
121130
metadata={
122131
"sourcetype": "test:indextime:failing",
123132
"host_type": "plugin",
@@ -135,6 +144,7 @@ def file_monitor_events():
135144
),
136145
SampleEvent(
137146
event="fake event nothing happened src=0.0.0.0 src_port=5050 dest=10.0.0.1 dest_port=6060",
147+
unique_identifier="uuid",
138148
metadata={
139149
"input_type": "file_monitor",
140150
"index": "fake_index",
@@ -223,6 +233,7 @@ def requirement_events():
223233
return [
224234
SampleEvent(
225235
event="requirement event",
236+
unique_identifier="uuid",
226237
metadata={
227238
"source": "requirement source",
228239
"sourcetype": "requirement source type",
@@ -245,6 +256,7 @@ def sc4s_events():
245256
return [
246257
SampleEvent(
247258
event='sc4s-host-plugin-time-sample-31 EPOEvents - EventFwd [agentInfo@3401 tenantId="1" bpsId="1" tenantGUID="50486da4-b851-47eb-9e27-a3337f14522f',
259+
unique_identifier="uuid",
248260
metadata={
249261
"timestamp_type": "event",
250262
"sourcetype": "mcafee:epo:syslog",
@@ -261,6 +273,7 @@ def sc4s_events():
261273
),
262274
SampleEvent(
263275
event='sc4s-host-plugin-time-sample-32 EPOEvents - EventFwd [agentInfo@3401 tenantId="1" bpsId="1" tenantGUID="523efa00-cb66-4682-8ad7-c8b800adabd1"',
276+
unique_identifier="uuid",
264277
metadata={
265278
"timestamp_type": "event",
266279
"sourcetype": "mcafee:epo:syslog",

tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py

Lines changed: 107 additions & 103 deletions
Original file line numberDiff line numberDiff line change
@@ -411,115 +411,119 @@ def test_generate_field_tests(
411411
assert param_mock.call_count == len(expected_output)
412412

413413

414-
@pytest.mark.parametrize(
415-
"tokenised_events, expected_output",
416-
[
417-
(
418-
[
419-
SampleEvent(
420-
event_string="escaped_event",
421-
metadata={
422-
"input_type": "modinput",
423-
"sourcetype_to_search": "dummy_sourcetype",
424-
"host": "dummy_host",
425-
},
426-
sample_name="file1.xml",
427-
requirement_test_data={
428-
"cim_fields": {
429-
"dest": "192.168.0.1",
430-
"severity": "low",
431-
"signature_id": "405001",
432-
"src": "192.168.0.1",
433-
"type": "event",
414+
with patch("uuid.uuid4", return_value="uuid"):
415+
416+
@pytest.mark.parametrize(
417+
"tokenised_events, expected_output",
418+
[
419+
(
420+
[
421+
SampleEvent(
422+
event_string="escaped_event",
423+
metadata={
424+
"input_type": "modinput",
425+
"sourcetype_to_search": "dummy_sourcetype",
426+
"host": "dummy_host",
434427
},
435-
"exceptions": {"mane_1": "value_1", "dest": "192.168.0.1"},
436-
"other_fields": {
437-
"vendor_product": "Pytest Splunk Addon",
438-
"target_users": "[email protected]",
428+
sample_name="file1.xml",
429+
requirement_test_data={
430+
"cim_fields": {
431+
"dest": "192.168.0.1",
432+
"severity": "low",
433+
"signature_id": "405001",
434+
"src": "192.168.0.1",
435+
"type": "event",
436+
},
437+
"exceptions": {"mane_1": "value_1", "dest": "192.168.0.1"},
438+
"other_fields": {
439+
"vendor_product": "Pytest Splunk Addon",
440+
"target_users": "[email protected]",
441+
},
439442
},
440-
},
441-
),
442-
SampleEvent(
443-
event_string="escaped_event",
444-
metadata={
445-
"input_type": "syslog_tcp",
446-
"sourcetype_to_search": "dummy_sourcetype",
447-
"host": "dummy_host_syslog",
448-
},
449-
sample_name="file1.xml",
450-
requirement_test_data={},
451-
),
452-
SampleEvent(
453-
event_string="escaped_event",
454-
metadata={
455-
"input_type": "syslog_tcp",
456-
"sourcetype_to_search": "dummy_sourcetype",
457-
"host": "dummy_host_syslog",
458-
},
459-
sample_name="file1.xml",
460-
requirement_test_data={
461-
"cim_fields": {
462-
"src": "192.168.0.1",
463-
"type": "event",
443+
),
444+
SampleEvent(
445+
event_string="escaped_event",
446+
metadata={
447+
"input_type": "syslog_tcp",
448+
"sourcetype_to_search": "dummy_sourcetype",
449+
"host": "dummy_host_syslog",
464450
},
465-
"exceptions": {},
466-
"other_fields": {
467-
"vendor_product": "Pytest Splunk Addon",
468-
"target_users": "[email protected]",
451+
sample_name="file1.xml",
452+
requirement_test_data={},
453+
),
454+
SampleEvent(
455+
event_string="escaped_event",
456+
metadata={
457+
"input_type": "syslog_tcp",
458+
"sourcetype_to_search": "dummy_sourcetype",
459+
"host": "dummy_host_syslog",
469460
},
470-
},
471-
),
472-
],
473-
[
474-
(
475-
{
476-
"escaped_event": "escaped_event",
477-
"fields": {
478-
"severity": "low",
479-
"signature_id": "405001",
480-
"src": "192.168.0.1",
481-
"type": "event",
482-
"vendor_product": "Pytest Splunk Addon",
483-
"target_users": "[email protected]",
461+
sample_name="file1.xml",
462+
requirement_test_data={
463+
"cim_fields": {
464+
"src": "192.168.0.1",
465+
"type": "event",
466+
},
467+
"exceptions": {},
468+
"other_fields": {
469+
"vendor_product": "Pytest Splunk Addon",
470+
"target_users": "[email protected]",
471+
},
484472
},
485-
"modinput_params": {"sourcetype": "dummy_sourcetype"},
486-
},
487-
"sample_name::file1.xml::host::dummy_host",
488-
),
489-
(
490-
{
491-
"escaped_event": "escaped_event",
492-
"fields": {
493-
"src": "192.168.0.1",
494-
"type": "event",
495-
"vendor_product": "Pytest Splunk Addon",
496-
"target_users": "[email protected]",
473+
),
474+
],
475+
[
476+
(
477+
{
478+
"escaped_event": "escaped_event",
479+
"fields": {
480+
"severity": "low",
481+
"signature_id": "405001",
482+
"src": "192.168.0.1",
483+
"type": "event",
484+
"vendor_product": "Pytest Splunk Addon",
485+
"target_users": "[email protected]",
486+
},
487+
"modinput_params": {"sourcetype": "dummy_sourcetype"},
488+
"unique_identifier": "uuid",
497489
},
498-
"modinput_params": {"sourcetype": "dummy_sourcetype"},
499-
},
500-
"sample_name::file1.xml::host::dummy_host_syslog",
501-
),
502-
],
503-
),
504-
],
505-
)
506-
def test_generate_requirement_tests(tokenised_events, expected_output):
507-
with patch.object(
508-
xml_event_parser, "strip_syslog_header", return_value="escaped_event"
509-
), patch.object(
510-
xml_event_parser, "escape_char_event", return_value="escaped_event"
511-
), patch.object(
512-
pytest, "param", side_effect=lambda x, id: (x, id)
513-
) as param_mock:
514-
out = list(
515-
FieldTestGenerator(
516-
"app_path",
517-
tokenised_events,
518-
"field_bank",
519-
).generate_requirements_tests()
520-
)
521-
assert out == expected_output
522-
assert param_mock.call_count == len(expected_output)
490+
"sample_name::file1.xml::host::dummy_host",
491+
),
492+
(
493+
{
494+
"escaped_event": "escaped_event",
495+
"fields": {
496+
"src": "192.168.0.1",
497+
"type": "event",
498+
"vendor_product": "Pytest Splunk Addon",
499+
"target_users": "[email protected]",
500+
},
501+
"modinput_params": {"sourcetype": "dummy_sourcetype"},
502+
"unique_identifier": "uuid",
503+
},
504+
"sample_name::file1.xml::host::dummy_host_syslog",
505+
),
506+
],
507+
),
508+
],
509+
)
510+
def test_generate_requirement_tests(tokenised_events, expected_output):
511+
with patch.object(
512+
xml_event_parser, "strip_syslog_header", return_value="escaped_event"
513+
), patch.object(
514+
xml_event_parser, "escape_char_event", return_value="escaped_event"
515+
), patch.object(
516+
pytest, "param", side_effect=lambda x, id: (x, id)
517+
) as param_mock:
518+
out = list(
519+
FieldTestGenerator(
520+
"app_path",
521+
tokenised_events,
522+
"field_bank",
523+
).generate_requirements_tests()
524+
)
525+
assert out == expected_output
526+
assert param_mock.call_count == len(expected_output)
523527

524528

525529
@pytest.mark.parametrize(

0 commit comments

Comments
 (0)