diff --git a/module/options.go b/module/options.go index 746a7dd0b..6d089ca68 100644 --- a/module/options.go +++ b/module/options.go @@ -78,8 +78,13 @@ func GetStringArray(options map[string]interface{}, key string) ([]string, error var value []string if gen, ok := options[key]; ok { value = make([]string, 0) - for _, iface := range gen.([]interface{}) { - value = append(value, iface.(string)) + switch gen.(type) { + case []interface{}: + for _, iface := range gen.([]interface{}) { + value = append(value, iface.(string)) + } + case interface{}: + value = append(value, gen.(string)) } } else { err = errors.New("Required option is missing: " + key + " ([]string)") diff --git a/module/options_test.go b/module/options_test.go index e5494fb0e..b9a4a2b9b 100644 --- a/module/options_test.go +++ b/module/options_test.go @@ -103,3 +103,14 @@ func TestGetStringArrayDefault(tester *testing.T) { assert.Equal(tester, "MyValue1", actual[0]) assert.Equal(tester, "MyValue2", actual[1]) } + +func TestGetStringArrayFromString(tester *testing.T) { + options := make(map[string]interface{}) + _, err := GetStringArray(options, "MyKey") + assert.Error(tester, err) + options["MyKey"] = "single_line" + actual, err := GetStringArray(options, "MyKey") + if assert.Nil(tester, err) { + assert.Equal(tester, "single_line", actual[0]) + } +} diff --git a/server/modules/elastalert/elastalert_test.go b/server/modules/elastalert/elastalert_test.go index 53b64e19f..b0c8e62f3 100644 --- a/server/modules/elastalert/elastalert_test.go +++ b/server/modules/elastalert/elastalert_test.go @@ -426,6 +426,7 @@ func TestSigmaToElastAlertSunnyDayLicensed(t *testing.T) { assert.NoError(t, err) // License + defer licensing.Shutdown() licensing.Test(licensing.FEAT_NTF, 0, 0, "", "") wrappedRule, err := engine.wrapRule(det, query) assert.NoError(t, err) @@ -477,10 +478,7 @@ func TestSigmaToElastAlertCustomNotificationLicensed(t *testing.T) { })).Return([]byte(""), 0, time.Duration(0), nil) config := make(module.ModuleConfig) - alerters := make([]interface{}, 0) - alerters = append(alerters, "post2") - alerters = append(alerters, "pagerduty") - config["MyAlerters"] = alerters + config["MyAlerters"] = "post2" config["MyParams"] = "foo: car" engine := ElastAlertEngine{ @@ -511,7 +509,6 @@ tags: - so.params.MyParams `, Title: "Test Detection", - Tags: []string{"so.alerters.MyAlerters", "so.params.MyParams"}, Severity: model.SeverityHigh, } @@ -519,6 +516,7 @@ tags: assert.NoError(t, err) // License + defer licensing.Shutdown() licensing.Test(licensing.FEAT_NTF, 0, 0, "", "") wrappedRule, err := engine.wrapRule(det, query) assert.NoError(t, err) @@ -532,7 +530,6 @@ sigma_level: high alert: - modules.so.securityonion-es.SecurityOnionESAlerter - post2 - - pagerduty index: .ds-logs-* name: Test Detection -- 00000000-0000-0000-0000-000000000000 type: any @@ -570,10 +567,7 @@ func TestSigmaToElastAlertCustomNotificationUnlicensed(t *testing.T) { })).Return([]byte(""), 0, time.Duration(0), nil) config := make(module.ModuleConfig) - alerters := make([]interface{}, 0) - alerters = append(alerters, "post2") - alerters = append(alerters, "pagerduty") - config["MyAlerters"] = alerters + config["MyAlerters"] = "post2" config["MyParams"] = "foo: car" engine := ElastAlertEngine{ @@ -610,8 +604,6 @@ tags: query, err := engine.sigmaToElastAlert(context.Background(), det) assert.NoError(t, err) - // License - licensing.Shutdown() wrappedRule, err := engine.wrapRule(det, query) assert.NoError(t, err) @@ -684,7 +676,6 @@ tags: - so.notification `, Title: "Test Detection", - Tags: []string{"so.notification"}, Severity: model.SeverityHigh, } @@ -692,6 +683,7 @@ tags: assert.NoError(t, err) // License + defer licensing.Shutdown() licensing.Test(licensing.FEAT_NTF, 0, 0, "", "") wrappedRule, err := engine.wrapRule(det, query) assert.NoError(t, err) @@ -767,11 +759,9 @@ tags: - so.notification `, Title: "Test Detection", - Tags: []string{"so.notification"}, Severity: model.SeverityHigh, } - licensing.Shutdown() query, err := engine.sigmaToElastAlert(context.Background(), det) assert.NoError(t, err)