forked from SpiderLabs/OWASP-CRS-regressions
CRS_Tests_Journal.py
from ftw import ruleset, logchecker, testrunner
import pytest
import sys
import re
import os
import ConfigParser
def test_crs(ruleset, test, logchecker_obj, with_journal, tablename, destaddr):
    """Run one regression test against the journal and the WAF log checker.

    When *destaddr* is given, every stage is pointed at that address before
    it is run, so the same test definitions can target another host.
    """
    journal_runner = testrunner.TestRunner()
    retarget = destaddr is not None
    for stage in test.stages:
        if retarget:
            stage.input.dest_addr = destaddr
        # NOTE(review): the runner is handed the whole test on every pass,
        # not the current stage; confirm one call per stage is intended.
        journal_runner.run_stage_with_journal(
            test.ruleset_meta['name'],
            test,
            with_journal,
            tablename,
            logchecker_obj,
        )
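class FooLogChecker(logchecker.LogChecker):
    """Log checker that collects the error-log lines written during a test.

    The log path is read from ``log_location`` in the ``[settings]`` section
    of ``settings.ini``.  Only lines whose leading timestamp lies between
    ``self.start`` and ``self.end`` are returned.
    """

    def reverse_readline(self, filename):
        """Yield the lines of *filename* from last to first, without newlines.

        The file is walked backwards one character at a time, which lets the
        caller stop once it reaches entries older than the test window
        instead of reading the whole log.  A file that ends with a newline
        yields an empty string first.
        """
        with open(filename) as f:
            f.seek(0, os.SEEK_END)
            position = f.tell()
            line = ''
            while position >= 0:
                f.seek(position)
                next_char = f.read(1)
                if next_char == "\n":
                    # Characters were collected back to front.
                    yield line[::-1]
                    line = ''
                else:
                    line += next_char
                position -= 1
            # What remains is the first line of the file.
            yield line[::-1]

    def get_logs(self):
        """Return the log lines stamped within ``[self.start, self.end]``.

        Lines are returned newest first.  A line is considered only if it
        starts with a bracketed timestamp such as
        ``[Wed Oct 11 14:32:52.123456 2000]`` (fractional seconds required).

        Review notes for whoever relies on the result:

        * Lines without a timestamp in exactly this format are skipped.  If
          the server's error-log format differs, the result is an empty
          list, and any check that expects the *absence* of a log entry
          would pass without the WAF having been exercised.  Validate the
          format once against a request that is known to be logged.
        * Timestamps are parsed as naive datetimes.  Presumably
          ``self.start``/``self.end`` are naive local times set by the base
          class; confirm that the test runner and the logging host agree on
          clock and timezone, otherwise entries fall outside the window.
        * The scan stops at the first entry older than ``self.start``, so it
          assumes the log is in chronological order.
        """
        import datetime

        config = ConfigParser.ConfigParser()
        config.read("settings.ini")
        log_location = config.get('settings', 'log_location')
        our_logs = []
        # The month class was ``[A-z]``, a range that also admits the
        # punctuation between "Z" and "a"; such a line matched here and then
        # made strptime raise.  ``[A-Z]`` accepts only a capital letter.
        pattern = re.compile(r"\[([A-Z][a-z]{2} [A-Z][a-z]{2} \d{1,2} \d{1,2}\:\d{1,2}\:\d{1,2}\.\d+? \d{4})\]")
        for lline in self.reverse_readline(log_location):
            # Extract the timestamp at the start of the line, if any.
            match = pattern.match(lline)
            if not match:
                continue
            log_date = datetime.datetime.strptime(match.group(1), "%a %b %d %H:%M:%S.%f %Y")
            ftw_start = self.start
            ftw_end = self.end
            # Keep entries written while the test was running.
            if ftw_start <= log_date <= ftw_end:
                our_logs.append(lline)
            # Reading backwards: everything further up is older still.
            if log_date < ftw_start:
                break
        return our_logs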
@pytest.fixture
def logchecker_obj():
    """Provide a fresh FooLogChecker to each test that requests it."""
    checker = FooLogChecker()
    return checker