Migrate test_general_setting documentation to qa-docs #2387
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
9 tasks
roronoasins
reviewed
Dec 23, 2021
|
|
||
| references: | ||
| - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html | ||
| - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time |
There was a problem hiding this comment.
Suggested change
| - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time | |
| - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#interval |
There was a problem hiding this comment.
Done in this link
roronoasins
reviewed
Dec 23, 2021
| the wazuh_interval.yaml file. | ||
|
|
||
| expected_output: | ||
| - 'Missing sleep between scans' |
There was a problem hiding this comment.
Suggested change
| - 'Missing sleep between scans' | |
| - r'.* Sleeping for (.*)...' |
There was a problem hiding this comment.
Done in this link
roronoasins
reviewed
Dec 23, 2021
Comment on lines
147
to
149
| - 'Alert did not appear at the start of the test' | ||
| - 'Alert appeared before ignore_time was finished' | ||
| - 'Alert did not appear at the end of the test' |
There was a problem hiding this comment.
Suggested change
| - 'Alert did not appear at the start of the test' | |
| - 'Alert appeared before ignore_time was finished' | |
| - 'Alert did not appear at the end of the test' | |
| - r''.* is vulnerable to .*' |
There was a problem hiding this comment.
Done in this link
roronoasins
reviewed
Dec 23, 2021
Comment on lines
130
to
131
| - 'Could not find vulnerability starting scan log' | ||
| - 'Found starting scan log when run on start is disabled' |
There was a problem hiding this comment.
Suggested change
| - 'Could not find vulnerability starting scan log' | |
| - 'Found starting scan log when run on start is disabled' | |
| - 'Starting vulnerability scan' | |
| - 'Vulnerability scan finished' |
There was a problem hiding this comment.
Done in this link
roronoasins
suggested changes
Dec 23, 2021
roronoasins
reviewed
Dec 24, 2021
| real_nvd_feed.json is used to check for vulnerabilities. | ||
|
|
||
| expected_output: | ||
| - r''.* is vulnerable to .*' |
There was a problem hiding this comment.
I would add time travel callback
Suggested change
| - r''.* is vulnerable to .*' | |
| - r''.* is vulnerable to .*' | |
| - r'.*Sending FIM event: (.+)$' |
There was a problem hiding this comment.
Done in this link
58 tasks
1 task
snaow
approved these changes
Jan 7, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
As part of epic #1796, this PR adds the missing documentation and migrates the current documentation to the new format used by qa-docs.
The schema used is the one defined in issue #1694
Generated documentation
test_general_settings_enabled.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat, Canonical, Debian, Amazon Linux and NVD Database.", "tier": 0, "modules": [ "vulnerability_detector" ], "components": [ "manager" ], "daemons": [ "wazuh-modulesd", "wazuh-db", "wazuh-analysisd" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#enabled" ], "tags": [ "settings", "vulnerability", "vulnerability_detector" ], "name": "test_general_settings_enabled.py", "id": 1, "group_id": 0, "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_enabled.py", "tests": [ { "description": "Check if the `enabled ` option of the vulnerability detector module is working correctly. To do this, it checks the `ossec.log` file for the message indicating that the vulnerability detector is enabled or disabled.", "wazuh_min_version": "4.2.0", "parameters": [ { "tags_to_apply": { "type": "string", "brief": "Tags used for use cases." } }, { "custom_callback": { "type": "string", "brief": "Custom callback for the use case." } }, { "custom_error_message": { "type": "string", "brief": "The message shows the vulnerability detector state." } }, { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_modulesd": { "type": "callable", "brief": "Restart the `wazuh-modulesd` daemon." } } ], "assertions": [ "Verify that when the `enabled` option is set to `yes`, the vulnerability detector module is running.", "Verify that when the `enabled` option is set to `no`, the vulnerability detector module is stopped." ], "input_description": [ "Two use cases are found in the test module and include parameters for `enabled` option (`yes` and `no`)." ], "expected_output": [ "r'(.*)wazuh-modulesd:vulnerability-detector(.*)'", "r'DEBUG: Module disabled. Exiting...'", "Vulnerability detector is disabled", "Vulnerability detector is enabled" ], "name": "test_enabled", "inputs": [ "get_configuration0-tags_to_apply0-callback_detect_vulnerability_detector_enabled-Vulnerability detector is disabled", "get_configuration0-tags_to_apply1-callback_detect_vulnerability_detector_disabled-Vulnerability detector is enabled", "get_configuration1-tags_to_apply0-callback_detect_vulnerability_detector_enabled-Vulnerability detector is disabled", "get_configuration1-tags_to_apply1-callback_detect_vulnerability_detector_disabled-Vulnerability detector is enabled" ] } ] }test_general_settings_ignore_time.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat, Canonical, Debian, Amazon Linux and NVD Database.", "tier": 0, "modules": [ "vulnerability_detector" ], "components": [ "manager" ], "daemons": [ "wazuh-modulesd", "wazuh-db", "wazuh-analysisd" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time" ], "tags": [ "settings", "vulnerability", "vulnerability_detector" ], "name": "test_general_settings_ignore_time.py", "id": 1, "group_id": 0, "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_ignore_time.py", "tests": [ { "description": "Check if an alert is not fired during the ignore time interval. To do this, it inserts a custom vulnerability and vulnerable package, it checks the initial vulnerability alert, advances the time clock before the set time, and check that the alert has not been generated. Finally, it advances the time clock just after the set time and checks that the alert has been generated.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_modulesd": { "type": "callable", "brief": "Restart the `wazuh-modulesd` daemon." } }, { "prepare_agent": { "type": "fixture", "brief": "Add a mock agent, add a package to it and insert a vulnerability for that package." } } ], "assertions": [ "Verify that alerts do not appear before ignore time was finished." ], "input_description": [ "Three use cases are found in the test module and include ignore time intervals of 3600s, 60m, and 1h. The file real_nvd_feed.json is used to check for vulnerabilities." ], "expected_output": [ "Alert did not appear at the start of the test", "Alert appeared before ignore_time was finished", "Alert did not appear at the end of the test" ], "name": "test_ignore_time", "inputs": [ "get_configuration0", "get_configuration1", "get_configuration2" ] } ] }test_general_settings_interval.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat, Canonical, Debian, Amazon Linux and NVD Database.", "tier": 0, "modules": [ "vulnerability_detector" ], "components": [ "manager" ], "daemons": [ "wazuh-modulesd", "wazuh-db", "wazuh-analysisd" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#ignore-time" ], "tags": [ "settings", "vulnerability", "vulnerability_detector" ], "name": "test_general_settings_interval.py", "id": 1, "group_id": 0, "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_interval.py", "tests": [ { "description": "Check if modulesd waits `interval` between one vulnerability detector scan and another. To do this, it checks in the `ossec.log` file appears the corresponding message.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_modulesd": { "type": "callable", "brief": "Restart the `wazuh-modulesd` daemon." } } ], "assertions": [ "Verify that the Vulnerability Detector process thread sleeps the time set, checking `ossec.log` message." ], "input_description": [ "Test cases are defined in the list interval_values and interval_units. This test gets their configuration of the wazuh_interval.yaml file." ], "expected_output": [ "Missing sleep between scans" ], "name": "test_interval", "inputs": [ "1s", "1m", "1h", "1d", "2s", "2m", "2h", "2d", "5s", "5m", "5h", "5d" ] } ] }test_general_settings_run_on_start.json
{ "copyright": "Copyright (C) 2015-2021, Wazuh Inc.\nCreated by Wazuh, Inc. <[email protected]>.\nThis program is free software; you can redistribute it and/or modify it under the terms of GPLv2", "type": "integration", "brief": "Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat, Canonical, Debian, Amazon Linux and NVD Database.", "tier": 0, "modules": [ "vulnerability_detector" ], "components": [ "manager" ], "daemons": [ "wazuh-modulesd", "wazuh-db", "wazuh-analysisd" ], "os_platform": [ "linux" ], "os_version": [ "Arch Linux", "Amazon Linux 2", "Amazon Linux 1", "CentOS 8", "CentOS 7", "CentOS 6", "Ubuntu Focal", "Ubuntu Bionic", "Ubuntu Xenial", "Ubuntu Trusty", "Debian Buster", "Debian Stretch", "Debian Jessie", "Debian Wheezy", "Red Hat 8", "Red Hat 7", "Red Hat 6" ], "references": [ "https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html", "https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/vuln-detector.html#run-on-start" ], "tags": [ "settings", "vulnerability", "vulnerability_detector" ], "name": "test_general_settings_run_on_start.py", "id": 1, "group_id": 0, "path": "tests/integration/test_vulnerability_detector/test_general_settings/test_general_settings_run_on_start.py", "tests": [ { "description": "Check if modulesd detects the vulnerability detector scan after starting. To do this, it checks If the parameter run_on_start is set to 'yes'. Modulesd will have to report the vulnerability detector scan. In case of the value 'no', do not report anything.", "wazuh_min_version": "4.2.0", "parameters": [ { "get_configuration": { "type": "fixture", "brief": "Get configurations from the module." } }, { "configure_environment": { "type": "fixture", "brief": "Configure a custom environment for testing." } }, { "restart_modulesd": { "type": "callable", "brief": "Restart the `wazuh-modulesd` daemon." } } ], "assertions": [ "Verify that when the `run_on_start` option is set to `yes`, the vulnerability detector module starts when service starts.", "Verify that when the `run_on_start` option is set to `no`, the vulnerability detector module has not started." ], "input_description": [ "Two use cases are found in the test module and include parameters for `run_on_start` option (`yes` and `no`). The test case uses the custom_nvd_feed.json file as input file to start scanning for vulnerabilities." ], "expected_output": [ "Could not find vulnerability starting scan log", "Found starting scan log when run on start is disabled" ], "name": "test_run_on_start", "inputs": [ "run_on_start_yes", "run_on_start_no" ] } ] }Tests
pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.qa-docstool does not raise any error.