Skip to content

Commit 90c8c52

Browse files
spanchal-crestspanchal-crest
committed
chore: ADDON-80802 Fixed the unit test case
1 parent dc1ca8e commit 90c8c52

File tree

5 files changed

+133
-110
lines changed

5 files changed

+133
-110
lines changed

pytest_splunk_addon/event_ingestors/hec_event_ingestor.py

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,8 @@ def ingest(self, events, thread_count):
6060
"sourcetype": "sample_HEC",
6161
"source": "sample_source",
6262
"host": "sample_host",
63-
"event": "event_str"
63+
"event": "event_str",
64+
"fields": {"unique_identifier": "uuid"}
6465
}
6566
6667
The format of dictionary for ingesting a batch of events::
@@ -70,13 +71,15 @@ def ingest(self, events, thread_count):
7071
"sourcetype": "sample_HEC",
7172
"source": "sample_source",
7273
"host": "sample_host",
73-
"event": "event_str1"
74+
"event": "event_str1",
75+
"fields": {"unique_identifier": "uuid"}
7476
},
7577
{
7678
"sourcetype": "sample_HEC",
7779
"source": "sample_source",
7880
"host": "sample_host",
79-
"event": "event_str2"
81+
"event": "event_str2",
82+
"fields": {"unique_identifier": "uuid"}
8083
},
8184
]
8285
@@ -92,7 +95,7 @@ def ingest(self, events, thread_count):
9295
"source": event.metadata.get("source", "pytest_splunk_addon:hec:event"),
9396
"event": event.event,
9497
"index": event.metadata.get("index", "main"),
95-
"fields": {"unique_identifier": event.unique_identifier}
98+
"fields": {"unique_identifier": event.unique_identifier},
9699
}
97100

98101
if event.metadata.get("host_type") in ("plugin", None):

pytest_splunk_addon/fields_tests/test_templates.py

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -189,7 +189,7 @@ def test_requirements_fields(
189189
if param_value is not None:
190190
basic_search += f" {param}={param_value}"
191191

192-
search = f"search {index_list} {basic_search} unique_identifier=\"{unique_identifier}\" | fields *"
192+
search = f'search {index_list} {basic_search} unique_identifier="{unique_identifier}" | fields *'
193193

194194
self.logger.info(f"Executing the search query: {search}")
195195

tests/unit/tests_standard_lib/test_event_ingestors/conftest.py

Lines changed: 13 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -6,6 +6,7 @@
66
@dataclass()
77
class SampleEvent:
88
event: str
9+
unique_identifier: str
910
metadata: dict
1011
sample_name: str
1112
key_fields: dict = None
@@ -17,6 +18,7 @@ def modinput_events():
1718
return [
1819
SampleEvent(
1920
event="test_modinput_1 host=modinput_host_event_time_plugin.samples_1",
21+
unique_identifier="uuid",
2022
key_fields={"host": ["modinput_host_event_time_plugin.samples_1"]},
2123
metadata={
2224
"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin",
@@ -33,6 +35,7 @@ def modinput_events():
3335
),
3436
SampleEvent(
3537
event="test_modinput_2 host=modinput_host_event_time_plugin.samples_2",
38+
unique_identifier="uuid",
3639
key_fields={"host": ["modinput_host_event_time_plugin.samples_2"]},
3740
metadata={
3841
"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin",
@@ -49,6 +52,7 @@ def modinput_events():
4952
),
5053
SampleEvent(
5154
event="fake event nothing happened",
55+
unique_identifier="uuid",
5256
key_fields={},
5357
metadata={
5458
"host_type": "plugin",
@@ -73,18 +77,21 @@ def modinput_posts_sent():
7377
'"source": "pytest-splunk-addon:modinput", '
7478
'"event": "test_modinput_1 host=modinput_host_event_time_plugin.samples_1", '
7579
'"index": "main", '
80+
'"fields": {"unique_identifier": "uuid"}, '
7681
'"host": "modinput_host_event_time_plugin.samples_1"'
7782
"}, {"
7883
'"sourcetype": "test:indextime:sourcetype:modinput_host_event_time_plugin", '
7984
'"source": "pytest-splunk-addon:modinput", '
8085
'"event": "test_modinput_2 host=modinput_host_event_time_plugin.samples_2", '
8186
'"index": "main", '
87+
'"fields": {"unique_identifier": "uuid"}, '
8288
'"host": "modinput_host_event_time_plugin.samples_2"'
8389
"}, {"
8490
'"sourcetype": "pytest_splunk_addon", '
8591
'"source": "pytest_splunk_addon:hec:event", '
8692
'"event": "fake event nothing happened", '
8793
'"index": "fake_index", '
94+
'"fields": {"unique_identifier": "uuid"}, '
8895
'"host": "fake host", '
8996
'"time": 1234.5678'
9097
"}]",
@@ -98,6 +105,7 @@ def file_monitor_events():
98105
SampleEvent(
99106
event="host=test-host-file_monitor_host_prefix.sample-2 Test for host_prefix file_monitor"
100107
"host=test-host-file_monitor_host_prefix.sample-4 Test for host_prefix file_monitor",
108+
unique_identifier="uuid",
101109
metadata={
102110
"interval": "60",
103111
"earliest": "-60s",
@@ -118,6 +126,7 @@ def file_monitor_events():
118126
SampleEvent(
119127
event="test_failing_1 src=10.1.0.81 dest_ip=10.100.0.91 src_port=4889 dest_port=21 "
120128
"dvc=172.16.22.73 user=user297 test_list_all=a test_email=user297@email.com",
129+
unique_identifier="uuid",
121130
metadata={
122131
"sourcetype": "test:indextime:failing",
123132
"host_type": "plugin",
@@ -135,6 +144,7 @@ def file_monitor_events():
135144
),
136145
SampleEvent(
137146
event="fake event nothing happened src=0.0.0.0 src_port=5050 dest=10.0.0.1 dest_port=6060",
147+
unique_identifier="uuid",
138148
metadata={
139149
"input_type": "file_monitor",
140150
"index": "fake_index",
@@ -223,6 +233,7 @@ def requirement_events():
223233
return [
224234
SampleEvent(
225235
event="requirement event",
236+
unique_identifier="uuid",
226237
metadata={
227238
"source": "requirement source",
228239
"sourcetype": "requirement source type",
@@ -245,6 +256,7 @@ def sc4s_events():
245256
return [
246257
SampleEvent(
247258
event='sc4s-host-plugin-time-sample-31 EPOEvents - EventFwd [agentInfo@3401 tenantId="1" bpsId="1" tenantGUID="50486da4-b851-47eb-9e27-a3337f14522f',
259+
unique_identifier="uuid",
248260
metadata={
249261
"timestamp_type": "event",
250262
"sourcetype": "mcafee:epo:syslog",
@@ -261,6 +273,7 @@ def sc4s_events():
261273
),
262274
SampleEvent(
263275
event='sc4s-host-plugin-time-sample-32 EPOEvents - EventFwd [agentInfo@3401 tenantId="1" bpsId="1" tenantGUID="523efa00-cb66-4682-8ad7-c8b800adabd1"',
276+
unique_identifier="uuid",
264277
metadata={
265278
"timestamp_type": "event",
266279
"sourcetype": "mcafee:epo:syslog",

tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py

Lines changed: 106 additions & 103 deletions
Original file line numberDiff line numberDiff line change
@@ -411,115 +411,118 @@ def test_generate_field_tests(
411411
assert param_mock.call_count == len(expected_output)
412412

413413

414-
@pytest.mark.parametrize(
415-
"tokenised_events, expected_output",
416-
[
417-
(
418-
[
419-
SampleEvent(
420-
event_string="escaped_event",
421-
metadata={
422-
"input_type": "modinput",
423-
"sourcetype_to_search": "dummy_sourcetype",
424-
"host": "dummy_host",
425-
},
426-
sample_name="file1.xml",
427-
requirement_test_data={
428-
"cim_fields": {
429-
"dest": "192.168.0.1",
430-
"severity": "low",
431-
"signature_id": "405001",
432-
"src": "192.168.0.1",
433-
"type": "event",
414+
with patch("uuid.uuid4", return_value="uuid"):
415+
@pytest.mark.parametrize(
416+
"tokenised_events, expected_output",
417+
[
418+
(
419+
[
420+
SampleEvent(
421+
event_string="escaped_event",
422+
metadata={
423+
"input_type": "modinput",
424+
"sourcetype_to_search": "dummy_sourcetype",
425+
"host": "dummy_host",
434426
},
435-
"exceptions": {"mane_1": "value_1", "dest": "192.168.0.1"},
436-
"other_fields": {
437-
"vendor_product": "Pytest Splunk Addon",
438-
"target_users": "dummy.user@splunk.com",
427+
sample_name="file1.xml",
428+
requirement_test_data={
429+
"cim_fields": {
430+
"dest": "192.168.0.1",
431+
"severity": "low",
432+
"signature_id": "405001",
433+
"src": "192.168.0.1",
434+
"type": "event",
435+
},
436+
"exceptions": {"mane_1": "value_1", "dest": "192.168.0.1"},
437+
"other_fields": {
438+
"vendor_product": "Pytest Splunk Addon",
439+
"target_users": "dummy.user@splunk.com",
440+
},
439441
},
440-
},
441-
),
442-
SampleEvent(
443-
event_string="escaped_event",
444-
metadata={
445-
"input_type": "syslog_tcp",
446-
"sourcetype_to_search": "dummy_sourcetype",
447-
"host": "dummy_host_syslog",
448-
},
449-
sample_name="file1.xml",
450-
requirement_test_data={},
451-
),
452-
SampleEvent(
453-
event_string="escaped_event",
454-
metadata={
455-
"input_type": "syslog_tcp",
456-
"sourcetype_to_search": "dummy_sourcetype",
457-
"host": "dummy_host_syslog",
458-
},
459-
sample_name="file1.xml",
460-
requirement_test_data={
461-
"cim_fields": {
462-
"src": "192.168.0.1",
463-
"type": "event",
442+
),
443+
SampleEvent(
444+
event_string="escaped_event",
445+
metadata={
446+
"input_type": "syslog_tcp",
447+
"sourcetype_to_search": "dummy_sourcetype",
448+
"host": "dummy_host_syslog",
464449
},
465-
"exceptions": {},
466-
"other_fields": {
467-
"vendor_product": "Pytest Splunk Addon",
468-
"target_users": "dummy.user@splunk.com",
450+
sample_name="file1.xml",
451+
requirement_test_data={},
452+
),
453+
SampleEvent(
454+
event_string="escaped_event",
455+
metadata={
456+
"input_type": "syslog_tcp",
457+
"sourcetype_to_search": "dummy_sourcetype",
458+
"host": "dummy_host_syslog",
469459
},
470-
},
471-
),
472-
],
473-
[
474-
(
475-
{
476-
"escaped_event": "escaped_event",
477-
"fields": {
478-
"severity": "low",
479-
"signature_id": "405001",
480-
"src": "192.168.0.1",
481-
"type": "event",
482-
"vendor_product": "Pytest Splunk Addon",
483-
"target_users": "dummy.user@splunk.com",
460+
sample_name="file1.xml",
461+
requirement_test_data={
462+
"cim_fields": {
463+
"src": "192.168.0.1",
464+
"type": "event",
465+
},
466+
"exceptions": {},
467+
"other_fields": {
468+
"vendor_product": "Pytest Splunk Addon",
469+
"target_users": "dummy.user@splunk.com",
470+
},
484471
},
485-
"modinput_params": {"sourcetype": "dummy_sourcetype"},
486-
},
487-
"sample_name::file1.xml::host::dummy_host",
488-
),
489-
(
490-
{
491-
"escaped_event": "escaped_event",
492-
"fields": {
493-
"src": "192.168.0.1",
494-
"type": "event",
495-
"vendor_product": "Pytest Splunk Addon",
496-
"target_users": "dummy.user@splunk.com",
472+
),
473+
],
474+
[
475+
(
476+
{
477+
"escaped_event": "escaped_event",
478+
"fields": {
479+
"severity": "low",
480+
"signature_id": "405001",
481+
"src": "192.168.0.1",
482+
"type": "event",
483+
"vendor_product": "Pytest Splunk Addon",
484+
"target_users": "dummy.user@splunk.com",
485+
},
486+
"modinput_params": {"sourcetype": "dummy_sourcetype"},
487+
"unique_identifier": "uuid",
497488
},
498-
"modinput_params": {"sourcetype": "dummy_sourcetype"},
499-
},
500-
"sample_name::file1.xml::host::dummy_host_syslog",
501-
),
502-
],
503-
),
504-
],
505-
)
506-
def test_generate_requirement_tests(tokenised_events, expected_output):
507-
with patch.object(
508-
xml_event_parser, "strip_syslog_header", return_value="escaped_event"
509-
), patch.object(
510-
xml_event_parser, "escape_char_event", return_value="escaped_event"
511-
), patch.object(
512-
pytest, "param", side_effect=lambda x, id: (x, id)
513-
) as param_mock:
514-
out = list(
515-
FieldTestGenerator(
516-
"app_path",
517-
tokenised_events,
518-
"field_bank",
519-
).generate_requirements_tests()
520-
)
521-
assert out == expected_output
522-
assert param_mock.call_count == len(expected_output)
489+
"sample_name::file1.xml::host::dummy_host",
490+
),
491+
(
492+
{
493+
"escaped_event": "escaped_event",
494+
"fields": {
495+
"src": "192.168.0.1",
496+
"type": "event",
497+
"vendor_product": "Pytest Splunk Addon",
498+
"target_users": "dummy.user@splunk.com",
499+
},
500+
"modinput_params": {"sourcetype": "dummy_sourcetype"},
501+
"unique_identifier": "uuid",
502+
},
503+
"sample_name::file1.xml::host::dummy_host_syslog",
504+
),
505+
],
506+
),
507+
],
508+
)
509+
def test_generate_requirement_tests(tokenised_events, expected_output):
510+
with patch.object(
511+
xml_event_parser, "strip_syslog_header", return_value="escaped_event"
512+
), patch.object(
513+
xml_event_parser, "escape_char_event", return_value="escaped_event"
514+
), patch.object(
515+
pytest, "param", side_effect=lambda x, id: (x, id)
516+
) as param_mock:
517+
out = list(
518+
FieldTestGenerator(
519+
"app_path",
520+
tokenised_events,
521+
"field_bank",
522+
).generate_requirements_tests()
523+
)
524+
assert out == expected_output
525+
assert param_mock.call_count == len(expected_output)
523526

524527

525528
@pytest.mark.parametrize(

0 commit comments

Comments
 (0)