Listen for events and forward to external security scanning services.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

processing_test.go 2.6KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748
  1. package main
  2. import (
  3. "fmt"
  4. "os"
  5. "testing"
  6. "github.com/streadway/amqp"
  7. "github.com/stretchr/testify/assert"
  8. )
  9. func TestProcessWaitingEvent(t *testing.T) {
  10. var delivery amqp.Delivery
  11. openstackActions := connectFakeOpenstack()
  12. delivery.Body = []byte(securityGroupRuleCreateWithIcmpAndCider)
  13. event, err := processWaitingEvent(delivery, openstackActions)
  14. if err != nil {
  15. t.Fatal(err)
  16. }
  17. _ = event
  18. }
  19. func TestLogEvents(t *testing.T) {
  20. hostName, _ := os.Hostname()
  21. IPList := []string{"10.0.0.1", "10.0.0.3"}
  22. logLines := []string{fmt.Sprintf(`{"security_group_rule":{"remote_group_id":null,"direction":"ingress","protocol":"icmp","remote_ip_prefix":"192.168.1.0/24","port_range_max":null,"rule_direction":"","security_group_id":"46d46540-98ac-4c93-ae62-68dddab2282e","tenant_id":"ada3b9b0dbac429f9361e803b54f5f32","port_range_min":null,"ethertype":"IPv4","id":"66d7ac79-3551-4436-83c7-103b50760cfb"},"affected_ip_address":"10.0.0.1","change_type":"sg_rule_add","source_type":"osel","source_message_bus":"%s"}`, hostName), fmt.Sprintf(`{"security_group_rule":{"remote_group_id":null,"direction":"ingress","protocol":"icmp","remote_ip_prefix":"192.168.1.0/24","port_range_max":null,"rule_direction":"","security_group_id":"46d46540-98ac-4c93-ae62-68dddab2282e","tenant_id":"ada3b9b0dbac429f9361e803b54f5f32","port_range_min":null,"ethertype":"IPv4","id":"66d7ac79-3551-4436-83c7-103b50760cfb"},"affected_ip_address":"10.0.0.3","change_type":"sg_rule_add","source_type":"osel","source_message_bus":"%s"}`, hostName)}
  23. logger := connectFakeSyslog()
  24. qualys := connectFakeQualys()
  25. IPs := make(map[string][]string)
  26. IPs["46d46540-98ac-4c93-ae62-68dddab2282e"] = IPList
  27. fakeEvent := Event{
  28. RawData: []byte(securityGroupRuleCreateWithIcmpAndCider),
  29. LogLines: logLines,
  30. Processor: EventSecurityGroupRuleChange{ChangeType: "sg_rule_add"},
  31. IPs: IPs,
  32. }
  33. events := []Event{fakeEvent}
  34. logEvents(events, logger, qualys)
  35. savedLogs := logger.GetLogs()
  36. assert.Equal(t, 2, len(savedLogs))
  37. logLine1 := fmt.Sprintf(`{"affected_ip_address":"10.0.0.1","change_type":"sg_rule_add","qualys_scan_id":"","qualys_scan_error":"Not scanned by Qualys","security_group_rule":{"remote_group_id":null,"direction":"ingress","protocol":"icmp","remote_ip_prefix":"192.168.1.0/24","port_range_max":null,"rule_direction":"","security_group_id":"46d46540-98ac-4c93-ae62-68dddab2282e","tenant_id":"ada3b9b0dbac429f9361e803b54f5f32","port_range_min":null,"ethertype":"IPv4","id":"66d7ac79-3551-4436-83c7-103b50760cfb"},"source_type":"osel1.1","source_message_bus":"%s"}`, hostName)
  38. assert.Equal(t, logLine1, savedLogs[0])
  39. }