Testcases for all PAWS collectors #318

Open
wants to merge 39 commits into base: master
Changes from 22 commits
Commits
8c8ed05
Auth0 Testcase Added
Pranav-Arya37 Jan 24, 2023
2786637
Merge branch 'alertlogic:master' into pranav-fork-branch
Pranav-Arya37 Jan 24, 2023
1358bbd
updated package.json version for auth0 collector
Pranav-Arya37 Jan 24, 2023
5d69890
Added Test Cases for auth0_collector
Pranav-Arya37 Jan 25, 2023
4770616
Merge branch 'alertlogic:master' into pranav-fork-branch
Pranav-Arya37 Jan 25, 2023
957c049
updated package.json version for auth0 collector
Pranav-Arya37 Jan 25, 2023
c44b581
changes in package.json test scripts
Pranav-Arya37 Jan 25, 2023
edeab5e
Merge branch 'alertlogic:master' into pranav-fork-branch
Pranav-Arya37 Jan 27, 2023
a50b6c4
Auth0 Testcase Added
Pranav-Arya37 Jan 24, 2023
2011867
updated package.json version for auth0 collector
Pranav-Arya37 Jan 24, 2023
c0367db
Added Test Cases for auth0_collector
Pranav-Arya37 Jan 25, 2023
f9f996a
changes in package.json test scripts
Pranav-Arya37 Jan 25, 2023
b74653a
updated auth0_mock.js and auth0_test.js
Pranav-Arya37 Jan 27, 2023
7eccf99
changes in package.json test scripts
Pranav-Arya37 Jan 25, 2023
2db7796
Merge branch 'pranav-fork-branch' of https://github.com/Pranav-Arya37…
Pranav-Arya37 Jan 29, 2023
bb85165
Merge branch 'alertlogic:master' into pranav-fork-branch
Pranav-Arya37 Jan 30, 2023
d028934
changes in auth0_mock.js and auth0_test.js
Pranav-Arya37 Jan 31, 2023
ec6bb05
updated package.json version
Pranav-Arya37 Feb 1, 2023
0676e48
updated auth0_test.js and utils_test.js
Pranav-Arya37 Feb 2, 2023
078ffd9
Merge branch 'alertlogic:master' into pranav-fork-branch
Pranav-Arya37 Feb 8, 2023
9ed908b
carbon black testcases added
Pranav-Arya37 Feb 9, 2023
fc03856
Merge branch 'pranav-fork-branch' of https://github.com/Pranav-Arya37…
Pranav-Arya37 Feb 9, 2023
8ea7473
updated log format testcase for auth0
Pranav-Arya37 Feb 17, 2023
e14dd72
updated testcase
Pranav-Arya37 Feb 17, 2023
6574067
added testcase for googlestackdriver when the difference between the …
Pranav-Arya37 Feb 17, 2023
0f985df
testcases added for crowdstrike
Pranav-Arya37 Feb 17, 2023
a77f036
updated version in package.json
Pranav-Arya37 Feb 17, 2023
293c68e
added one testcase for googlestackdriver
Pranav-Arya37 Feb 20, 2023
d64d6aa
added testcases for gsuite collector
Pranav-Arya37 Feb 22, 2023
a198c8e
added testcases for salesforce collector
Pranav-Arya37 Feb 23, 2023
954c5e9
added testcases for sentinelone collector
Pranav-Arya37 Feb 23, 2023
b0868e4
testcases added for sophossiem collector
Pranav-Arya37 Feb 27, 2023
2d7fa17
added testcases for sophos collector
Pranav-Arya37 Feb 27, 2023
c09c93b
added testcases for office365 collector
Pranav-Arya37 Feb 27, 2023
c2027a5
changes in office365 PR
Pranav-Arya37 Feb 28, 2023
e801301
added few more testcases for carbonblack
Pranav-Arya37 Feb 28, 2023
9eaf5d0
added testcases for ciscoamp collector
Pranav-Arya37 Feb 28, 2023
b9cdde7
added one testcase for crowdstrike collector
Pranav-Arya37 Feb 28, 2023
ab6cd63
added testcases for ciscoduo collector
Pranav-Arya37 Feb 28, 2023
2 changes: 1 addition & 1 deletion collectors/auth0/package.json
@@ -1,6 +1,6 @@
{
"name": "auth0-collector",
"version": "1.1.44",
"version": "1.1.45",
"description": "Alert Logic AWS based Auth0 Log Collector extension",
"repository": {},
"private": true,
2 changes: 1 addition & 1 deletion collectors/auth0/test/auth0_mock.js
Expand Up @@ -70,7 +70,7 @@ const AUTH0_LOG_EVENT = {
"log_id": "90020200113151943625000993024408641221974042823186448498",
"_id": "90020200113151943625000993024408641221974042823186448498",
"isMobile": false
};
};

const FUNCTION_ARN = 'arn:aws:lambda:us-east-1:352283894008:function:test-01-CollectLambdaFunction-2CWNLPPW5XO8';
const FUNCTION_NAME = 'test-TestCollectLambdaFunction-1JNNKQIPOTEST';
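
Review bot: The only changed line in this hunk is the closing `};` of AUTH0_LOG_EVENT, and the removed and added versions read the same, so this looks like a whitespace-only edit. Consider reverting it so the diff for auth0_mock.js carries nothing unrelated to the new tests.
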
42 changes: 42 additions & 0 deletions collectors/auth0/test/auth0_test.js
Expand Up @@ -154,6 +154,48 @@ describe('Unit Tests', function () {
done();
});
});

it('log format when type is null or undefined', function (done) {
let ctx = {
invokedFunctionArn: auth0Mock.FUNCTION_ARN,
fail: function (error) {
assert.fail(error);
done();
},
succeed: function () {
done();
}
};

Auth0Collector.load().then(function (creds) {
var collector = new Auth0Collector(ctx, creds);
auth0Mock.AUTH0_LOG_EVENT.type = null;
let fmt = collector.pawsFormatLog(auth0Mock.AUTH0_LOG_EVENT.type);
assert.equal(fmt.messageTypeId, undefined);
done();
});
});

it('log format when date is null or undefined', function (done) {
let ctx = {
invokedFunctionArn: auth0Mock.FUNCTION_ARN,
fail: function (error) {
assert.fail(error);
done();
},
succeed: function () {
done();
}
};

Auth0Collector.load().then(function (creds) {
var collector = new Auth0Collector(ctx, creds);
auth0Mock.AUTH0_LOG_EVENT.date=null;
let fmt = collector.pawsFormatLog(auth0Mock.AUTH0_LOG_EVENT.date);
assert.equal(fmt.messageTsUs, undefined);
done();
});
});
});

describe('pawsGetLogs', function () {
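
Review bot: Both new tests hand a field value to the formatter, `collector.pawsFormatLog(auth0Mock.AUTH0_LOG_EVENT.type)` and `collector.pawsFormatLog(auth0Mock.AUTH0_LOG_EVENT.date)`, so they check how pawsFormatLog handles a null message rather than an event whose type or date is missing. Pass a copy of the event with the field cleared, for example `const evt = Object.assign({}, auth0Mock.AUTH0_LOG_EVENT, { type: null });`, which also avoids the assignments to the shared mock that are never undone and so leak into later tests. The titles say "null or undefined" but only null is exercised. The `.then` chain has no `.catch`, so a throw or failed assertion will surface as a timeout instead of a clear failure; return the promise from the test or add `.catch(done)`.
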
30 changes: 30 additions & 0 deletions collectors/auth0/test/utils_test.js
Expand Up @@ -39,6 +39,36 @@ describe('Unit Tests', function () {
});
});

describe('Get API Logs with error', function () {
it('Get API Logs with error', function (done) {
getLogsStub = sinon.stub(auth0Client, 'getLogs').callsFake(
function fakeFn() {
return new Promise(function (resolve, reject) {
return reject({ statusCode: 503,
error: "Service Unavailable",
message: "The API service is temporarily unavailable, please try again later"
});
});
});

const startDate = moment().subtract(5, 'minutes');
let state = {
since: startDate.toISOString(),
poll_interval_sec: 1
};
let maxPagesPerInvocation = 5;
let accumulator = [];

utils.getAPILogs(auth0Client, state, accumulator, maxPagesPerInvocation)
.catch(err => {
assert.equal(err.message, "The API service is temporarily unavailable, please try again later", "Error message is not correct");
getLogsStub.restore();
done();
});
});
});


describe('Get API Logs with last log id', function () {
it('Get API Logs with last log id', function (done) {
getLogsStub = sinon.stub(auth0Client, 'getLogs').callsFake(
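
Review bot: The 'Get API Logs with error' test attaches only `.catch` to `utils.getAPILogs(...)`, so if the call resolves despite the stubbed 503, `done` is never called and the problem shows up as a timeout rather than a failed expectation; return the promise or add a branch that fails the test on resolve. `getLogsStub.restore()` runs after the assertion inside the catch, so a failed assertion leaves `auth0Client.getLogs` stubbed when the next describe block stubs it again; moving the restore into an `afterEach` avoids that. The stub also rejects with a plain object rather than an `Error`, which is worth confirming against what the real client produces.
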
2 changes: 2 additions & 0 deletions collectors/carbonblack/test/carbonblack_mock.js
Expand Up @@ -19,6 +19,8 @@ process.env.paws_api_secret = "api-secret";
process.env.collector_streams = "[\"AuditLogEvents\", \"SearchAlerts\",\"SearchAlertsCBAnalytics\", \"SearchAlertsWatchlist\"]";
process.env.paws_collector_param_string_2 = "carbonblackOrgKey";
process.env.paws_endpoint = "https://api-url.conferdeploy.net";
process.env.collector_streams_null = "[\"AuditLogEventsCB\", \"SearchAlertsCB\",\"SearchAlertsCBAnalyticsCB\", \"SearchAlertsWatchlistCB\"]";
Contributor

collector_streams_null what is the purpose of adding this env variable?

Author @Pranav-Arya37 Feb 16, 2023

I have added this to include this default functionality in the test case.

Contributor

rename the variable name collector_streams_null



const AIMS_TEST_CREDS = {
access_key_id: 'test-access-key-id',
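
Review bot: `process.env.collector_streams_null` holds a non-null JSON array of stream names with a `CB` suffix, so the name does not describe the value, and setting it in the mock module makes it process-wide state for every carbonblack test that loads this file. If it only feeds one test, a local constant in that test, named for what the list contains (stream names that differ from those in `collector_streams`), would be clearer than a new environment variable.
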
99 changes: 99 additions & 0 deletions collectors/carbonblack/test/utils_test.js
Expand Up @@ -115,5 +115,104 @@ describe('Unit Tests', function () {
});
});
});
describe('Get API Logs (GET) with Error', function () {
it('Get API Logs with Error (GET)', function (done) {
alserviceStub.get = sinon.stub(RestServiceClient.prototype, 'get').callsFake(
function fakeFn(path, extraOptions) {
return new Promise(function (resolve, reject) {
return reject(new Error("Failed to fetch API logs due to an authentication issue"));
});
});
let maxPagesPerInvocation = 5;
const startDate = moment().subtract(5, 'minutes');
let state = {
stream: "AuditLogEvents",
since: startDate.toISOString(),
until: startDate.add(5, 'minutes').toISOString(),
poll_interval_sec: 1
};
let apiDetails = {
url: "url",
method: "GET",
requestBody:"",
typeIdPaths: [{ path: ["eventId"] }],
tsPaths: [{ path: ["eventTime"] }]
};
let accumulator = [];
const apiEndpoint = process.env.paws_endpoint;
const clientSecret = process.env.paws_api_secret;
const clientId = process.env.paws_api_client_id;

utils.getAPILogs(apiDetails, accumulator, apiEndpoint, state, clientSecret, clientId, maxPagesPerInvocation).catch(err => {
assert.equal(err.message, "Failed to fetch API logs due to an authentication issue", "Error message is not correct");
alserviceStub.get.restore();
done();
});
});
});


describe('Get API Logs (POST Request) with Error', function () {
it('Get API Logs with Error (POST)', function (done) {
alserviceStub.post = sinon.stub(RestServiceClient.prototype, 'post').callsFake(
function fakeFn(path, extraOptions) {
return new Promise(function (resolve, reject) {
return reject(new Error("Failed to fetch API logs due to an authentication issue"));
});
});
let maxPagesPerInvocation = 5;
const startDate = moment().subtract(5, 'minutes');
let state = {
stream: "SearchAlerts",
since: startDate.toISOString(),
until: startDate.add(5, 'minutes').toISOString(),
poll_interval_sec: 1
};
let apiDetails = {
url: "url",
method: "POST",
requestBody:{
"criteria": {
"create_time": {
"end": state.until,
"start": state.since
},
},
"rows": 0,
"start": 0
},
typeIdPaths: [{ path: ["id"] }],
tsPaths: [{ path: ["last_update_time"] }]
};
let accumulator = [];
const apiEndpoint = process.env.paws_endpoint;
const clientSecret = process.env.paws_api_secret;
const clientId = process.env.paws_api_client_id;

utils.getAPILogs(apiDetails, accumulator, apiEndpoint, state, clientSecret, clientId, maxPagesPerInvocation).catch(err => {
assert.equal(err.message, "Failed to fetch API logs due to an authentication issue", "Error message is not correct");
alserviceStub.post.restore();
done();
});
});
});

describe('Get API Details when state.stream is null', function () {
it('Get API Details when state.stream is null', function (done) {
const startDate = moment().subtract(5, 'minutes');
const orgKey = "orgKey";
let apiDetails = [];
const apiNames = JSON.parse(process.env.collector_streams_null);
apiNames.map(stream => {
Contributor

process.env.collector_streams_null pls rename to proper name

Contributor

pls check the above comment and resolve

Author

I have added the reason why I have added this code in this comment. (#318 (comment))

Contributor

rename the variable name collector_streams_null

let state = {
stream: null,
since: startDate.toISOString(),
until: startDate.add(5, 'minutes').toISOString(),
poll_interval_sec: 1
};
apiDetails.push(utils.getAPIDetails(state, orgKey));
});
assert(apiDetails.length == apiNames.length, "apiDetails length is wrong");
done();
});
});
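
Review bot: In 'Get API Details when state.stream is null' the final check `assert(apiDetails.length == apiNames.length, ...)` cannot fail, because the loop pushes exactly one entry per name whatever `utils.getAPIDetails` returns, and the callback's `stream` argument is unused, so the contents of `collector_streams_null` never reach the function. Assert on the fields of the object returned for a null stream instead; a single call is enough, and `forEach` fits better than `map` if the loop stays. `startDate.add(5, 'minutes')` mutates the moment declared outside the loop, so each iteration shifts `since` and `until` five minutes later; clone it per iteration if the window matters. The two error tests earlier in this hunk assert only inside `.catch` with the stub restore after the assertion, so an unexpected resolve becomes a timeout and a failed assertion leaves `RestServiceClient.prototype.get` or `post` stubbed for later tests.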