Skip to content

Add logtest modules to framework#5870

Merged
davidjiglesias merged 144 commits intofeature/5337-logtest-enhancementfrom
feature/5590-dev-logtest-framework
Oct 22, 2020
Merged

Add logtest modules to framework#5870
davidjiglesias merged 144 commits intofeature/5337-logtest-enhancementfrom
feature/5590-dev-logtest-framework

Conversation

@vicferpoy
Copy link
Copy Markdown
Contributor

@vicferpoy vicferpoy commented Sep 1, 2020
edited
Loading

Hello team, this closes #5590 .

This PR adds new modules to use the logtest tool from the framework. The new logtest endpoints will use these modules.

It includes the addition of a new action/resource to RBAC and new unit tests for these modules.

You can see examples of the new functions here: #5590 (comment)

Tests results

==================================================================================== test session starts ====================================================================================
platform linux -- Python 3.8.5, pytest-5.4.3, py-1.8.2, pluggy-0.13.1
rootdir: /home/vicferpoy/Desktop/Git/wazuh/framework
plugins: asyncio-0.12.0
collected 6 items                                                                                                                                                                           

wazuh/tests/test_logtest.py ......                                                                                                                                                    [100%]

===================================================================================== 6 passed in 0.08s =====================================================================================


==================================================================================== test session starts ====================================================================================
platform linux -- Python 3.8.5, pytest-5.4.3, py-1.8.2, pluggy-0.13.1
rootdir: /home/vicferpoy/Desktop/Git/wazuh/framework
plugins: asyncio-0.12.0
collected 2 items                                                                                                                                                                           

wazuh/core/tests/test_logtest.py ..                                                                                                                                                   [100%]

===================================================================================== 2 passed in 0.03s =====================================================================================

==================================================================================== test session starts ====================================================================================
platform linux -- Python 3.8.5, pytest-5.4.3, py-1.8.2, pluggy-0.13.1
rootdir: /home/vicferpoy/Desktop/Git/wazuh/framework
plugins: asyncio-0.12.0
collected 20 items                                                                                                                                                                          

wazuh/core/tests/test_wazuh_socket.py ....................                                                                                                                            [100%]

==================================================================================== 20 passed in 0.07s =====================================================================================

Regards.

Lopuiz and others added 30 commits July 14, 2020 14:14
@Lopuiz
Declare main functions and structures for wazuh-logtest (#5372)
d870f0f 
Declare main functions and structures for wazuh-logtest
@FernandoCP @JcabreraC
Added structures as parameters in Decoders, Rules and CDBlist functions.
20e3087
@Lopuiz @JcabreraC
Modify functions and structures of rules, decoders, and CDB lists for…
75f55b1 
… wazuh-logtest development.
@Lopuiz @JcabreraC
Change variables names of rules, decoders, and cdblist and document t…
69ecd8a 
…hem.
@Lopuiz @JcabreraC
add wazuh-logtest configuration
b3ddb00
@Lopuiz @JcabreraC
add function tu get rule_test configuration
43b8068
@JcabreraC
Added test for logtest.c file
9942493
@JcabreraC
Added test for Read_Logtest function
f12a7a4
@Lopuiz @JcabreraC
add limits to rule_test configuration
f3968e5
@JcabreraC
Fixed test for Read_Logtest function
2f42fed
@JcabreraC
Fixed memory leak and unit tests
654bf9d
@JcabreraC
Added tests for getRuleTestConfig
4b50df6
@JcabreraC
Fixed unit tests after the merge
ed216bd
@Lopuiz @JcabreraC
Use function get_nproc instead of get_nprocs and modify variable name…
53796c0 
… of logtest configuration
@Lopuiz @JcabreraC
comply with style guide
9b242f0
@Lopuiz @JcabreraC
Minor fixes:
4ddc59c 
- Change type of w_logtest_conf.enabled to boolean
- Change warning messages to error messages in Read_Logtest
- Change debug2 messages to warning messages in Read_Logtest
- Change type of w_logtest_conf.threads and w_logtest_conf.max_sessions to int
@JcabreraC
Fixed unit tests after review
16a624d
@JcabreraC
Changed warning messages to warning_menssage.h
d9e943f
@Lopuiz @JcabreraC
Remove unnecessary mutex
e52adcd
@JcabreraC
Modified EventList structure
8ee9d43
@JcabreraC
Modified Rules hash table structures and functions
9565c04
@Lopuiz @JcabreraC
Modify FTS functions and variables to works with wazuh-logtest
0541ecd
@Lopuiz @JcabreraC
Modify accumulate functions and variables to works with wazuh-logtest
8aa052b
@Lopuiz @JcabreraC
- Add function to initialize FTS engine in Wazuh Logtest
7dde433 
- Document accumulator.h, logtest.h and fts.h
@JcabreraC
Checked inactive sessions
72cf5d1
@Lopuiz @JcabreraC
- Implement function to initialize and remove Logtest client session
f1098a5 
- Modify decoders and cdb list flow to work with wazuh-logtest
- Document the CDB list, rules list, and decoders list
@juliancnn
ReadDecodeXML & Rules_OP_ReadRules - Remove error and warning (#5532)
7b89e90 
* Remove errors and warnings

Remove merror and mwarn from ReadDecodeXML, Rules_OP_ReadRules and other functions for internal use,
instead, errors are returned by parameters
@Lopuiz
Merge branch 'develop' into feature/5337-logtest-enhancement
327a2a8
@Lopuiz @JcabreraC
Fix compilation error in old versions of GCC
fbfecd6
@juliancnn @JcabreraC
Fix cmake for Analysisd test
281aacc
@vikman90 vikman90 changed the base branch from develop to master September 25, 2020 08:02
@vicferpoy vicferpoy force-pushed the feature/5590-dev-logtest-framework branch from 1fe0f87 to 18a502c Compare October 14, 2020 14:34
@vicferpoy vicferpoy changed the base branch from master to feature/5337-logtest-enhancement October 19, 2020 10:55
davidjiglesias
davidjiglesias requested changes Oct 19, 2020
View reviewed changes
Copy link
Copy Markdown
Member

@davidjiglesias davidjiglesias left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add CHANGELOG update

davidjiglesias
davidjiglesias requested changes Oct 22, 2020
View reviewed changes
Comment thread framework/wazuh/core/exception.py Outdated
Comment thread framework/wazuh/core/exception.py Outdated
Comment thread framework/wazuh/logtest.py Outdated
Comment thread framework/wazuh/core/wazuh_socket.py
@davidjiglesias davidjiglesias merged commit 59b37c2 into feature/5337-logtest-enhancement Oct 22, 2020
@davidjiglesias davidjiglesias deleted the feature/5590-dev-logtest-framework branch October 22, 2020 09:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@davidjiglesias davidjiglesias davidjiglesias approved these changes

Assignees

@vicferpoy vicferpoy

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

[Framework] Add support for new logtest tool

7 participants

@vicferpoy @davidjiglesias @Lopuiz @FernandoCP @JcabreraC @juliancnn @jnasselle