diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/requirement_event_ingester.py b/pytest_splunk_addon/standard_lib/event_ingestors/requirement_event_ingester.py index 7b6e7080..4dddcba1 100644 --- a/pytest_splunk_addon/standard_lib/event_ingestors/requirement_event_ingester.py +++ b/pytest_splunk_addon/standard_lib/event_ingestors/requirement_event_ingester.py @@ -162,6 +162,25 @@ def get_events(self): LOGGER.info( f"sending data transport_type:forwarder/uf_file_monitor filename:{filename} " ) + elif transport_type in ( + "scripted_input", + "scripted input", + "hec_raw", + ): + transport_type = "scripted_input" + host, source, sourcetype = self.extract_params( + event_tag + ) + LOGGER.info( + f"sending data transport_type:scripted_input or hec_raw filename:{filename} " + ) + elif transport_type == "file_monitor": + host, source, sourcetype = self.extract_params( + event_tag + ) + LOGGER.info( + f"sending data transport_type:file_monitor filename:{filename} " + ) else: transport_type = "default" unescaped_event = self.extract_raw_events(event_tag) diff --git a/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py b/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py index f0f829ee..c99a0367 100644 --- a/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py +++ b/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py @@ -150,6 +150,11 @@ def generate_cim_req_params(self): "dbx", "windows_input", "hec_event", + "scripted_input", + "scripted input", + "hec_raw", + "file_monitor", + "forwarder", ): host, source, sourcetype = self.extract_params(event_tag) host, source, sourcetype = self.escape_host_src_srctype( 
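Review bot: In `get_events` (requirement_event_ingester.py), the new `scripted_input` branch overwrites `transport_type` before it logs, so the message `transport_type:scripted_input or hec_raw` no longer records which value the requirement file declared. Logging the declared value above the reassignment, e.g. `LOGGER.info(f"sending data transport_type:{transport_type} (ingested as scripted_input) filename:{filename} ")`, keeps the ingest log usable when tracing why an event arrived with a given host/source/sourcetype. The `file_monitor` branch repeats the same `extract_params` call but leaves `transport_type` as declared; if that difference is intentional, a one-line comment saying so would help. The function body starts and ends outside the hunk.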
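Review bot: In `generate_cim_req_params` (test_generator.py), `"forwarder"` now depends on the tuple membership test, whereas the branch this commit removes matched it with `transport_type.lower() == "forwarder"`. The line that opens the condition is outside the hunk. If it compares `transport_type` without lower-casing, a requirement file declaring `Forwarder` would fall through to `else: continue` and its event would be silently left out of the generated tests. Confirm the condition reads `if transport_type.lower() in (` or otherwise keeps the match case-insensitive.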
@@ -160,18 +165,8 @@ def generate_cim_req_params(self): "source": source, "sourcetype": sourcetype, } - elif transport_type.lower() == "forwarder": - host, source, sourcetype = self.extract_params(event_tag) - host, source, sourcetype = self.escape_host_src_srctype( - host, source, sourcetype - ) - transport_type_params = { - "host": host, - "source": source, - "sourcetype": sourcetype, - } else: - # todo: non syslog/modinput events are skipped currently until we support it + # todo: non syslog/modinput/non forwarder/scripted_input events are skipped currently until we support it continue escaped_event = self.escape_char_event(unescaped_event) diff --git a/tests/constants.py b/tests/constants.py index 879b5f7c..f144fe4e 100644 --- a/tests/constants.py +++ b/tests/constants.py @@ -770,3 +770,12 @@ TA_REQUIREMENTS_UF_FAILED = [ "*test_splunk_app_requirements_uf.py::Test_App::test_requirement_params* FAILED*", ] + +TA_REQUIREMENTS_SCRIPTED_PASSED = [ + "*test_splunk_app_requirements_scripted.py::Test_App::test_events_with_untokenised_values* PASSED*", + "*test_splunk_app_requirements_scripted.py::Test_App::test_requirement_params* PASSED*", +] + +TA_REQUIREMENTS_SCRIPTED_FAILED = [ + "*test_splunk_app_requirements_scripted.py::Test_App::test_requirement_params* FAILED*", +] diff --git a/tests/requirement_test_scripted/sample_requirement_test_scripted.log b/tests/requirement_test_scripted/sample_requirement_test_scripted.log new file mode 100644 index 00000000..c295115a --- /dev/null +++ b/tests/requirement_test_scripted/sample_requirement_test_scripted.log @@ -0,0 +1,37 @@ + + + Nix + Nix + + + + + + + + + Unix service information. Data is collected from live instance. Data is generated from systemctl command. + + + + + + + Endpoint:Services + + + + + + + + + + service_id + service_path + user + + + + + 
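Review bot: The reworded todo above `continue` in `generate_cim_req_params` (test_generator.py) is hard to parse, and the branch still drops unsupported events without leaving any trace. A clearer comment would be `# TODO: events with any other transport type are skipped until they are supported`. Consider also logging the skipped transport type, so a misspelled value in a requirement file does not quietly reduce test coverage. The surrounding loop is outside the hunk, so whether a logger is in scope there needs checking.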
diff --git a/tests/requirement_test_scripted/sample_requirement_test_scripted_failure.log b/tests/requirement_test_scripted/sample_requirement_test_scripted_failure.log new file mode 100644 index 00000000..85ac5c9c --- /dev/null +++ b/tests/requirement_test_scripted/sample_requirement_test_scripted_failure.log @@ -0,0 +1,38 @@ + + + Nix + Nix + + + + + + + + + Unix service information. Data is collected from live instance. Data is generated from systemctl command. + + + + + + + Endpoint:Services + + + + + + + + + + + service_id + service_path + user + + + + + diff --git a/tests/requirement_test_uf/sample_requirement_test_uf_failure.log b/tests/requirement_test_uf/sample_requirement_test_uf_failure.log index c13c9c67..c4668422 100644 --- a/tests/requirement_test_uf/sample_requirement_test_uf_failure.log +++ b/tests/requirement_test_uf/sample_requirement_test_uf_failure.log @@ -5,7 +5,7 @@ - + Logs for Failed login attempt.(Live Sample) diff --git a/tests/test_splunk_addon.py b/tests/test_splunk_addon.py index f9931e57..ac24283c 100644 --- a/tests/test_splunk_addon.py +++ b/tests/test_splunk_addon.py @@ -54,6 +54,12 @@ def setup_test_dir(testdir): ), os.path.join(testdir.tmpdir, "tests/requirement_test_uf"), ) + shutil.copytree( + os.path.join( + testdir.request.config.invocation_dir, "tests/requirement_test_scripted" + ), + os.path.join(testdir.tmpdir, "tests/requirement_test_scripted"), + ) shutil.copy( os.path.join(testdir.request.config.invocation_dir, "Dockerfile.splunk"), 
@@ -640,3 +646,50 @@ def empty_method(): # make sure that that we get a non '0' exit code for the testsuite as it contains failure assert result.ret != 0 + + +@pytest.mark.docker +def test_splunk_app_requirements_scripted(testdir): + """Make sure that pytest accepts our fixture.""" + + testdir.makepyfile( + """ + from pytest_splunk_addon.standard_lib.addon_basic import Basic + class Test_App(Basic): + def empty_method(): + pass + """ + ) + + shutil.copytree( + os.path.join(testdir.request.fspath.dirname, "addons/TA_requirement_test_uf"), + os.path.join(testdir.tmpdir, "package"), + ) + + setup_test_dir(testdir) + SampleGenerator.clean_samples() + Rule.clean_rules() + + # run pytest with the following cmd args + result = testdir.runpytest( + "--splunk-type=docker", + "-v", + "-m splunk_searchtime_requirements", + "--search-interval=4", + "--search-retry=4", + "--search-index=*,_internal", + "--requirement-test=tests/requirement_test_scripted", + ) + logger.info(result.outlines) + logger.info(len(constants.TA_REQUIREMENTS_SCRIPTED_PASSED)) + logger.info(len(constants.TA_REQUIREMENTS_SCRIPTED_FAILED)) + result.stdout.fnmatch_lines_random( + constants.TA_REQUIREMENTS_SCRIPTED_PASSED + + constants.TA_REQUIREMENTS_SCRIPTED_FAILED + ) + result.assert_outcomes( + passed=len(constants.TA_REQUIREMENTS_SCRIPTED_PASSED), failed=1 + ) + + # make sure that that we get a non '0' exit code for the testsuite as it contains failure + assert result.ret != 0
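Review bot: In `test_splunk_app_requirements_scripted`, `assert_outcomes` hard-codes `failed=1` while `passed` is derived from the constant list, so the two can drift if `TA_REQUIREMENTS_SCRIPTED_FAILED` changes; use `failed=len(constants.TA_REQUIREMENTS_SCRIPTED_FAILED)`. The docstring `"""Make sure that pytest accepts our fixture."""` does not describe this test; something like `"""Run the requirement tests against the scripted_input samples and expect one failing case."""` would. The test copies `addons/TA_requirement_test_uf` as the package, which looks carried over from the UF test, so confirm that is the intended add-on and say so in a comment. The two `logger.info(len(...))` calls read like debugging leftovers and could be dropped.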