CVEs alerts inventory for Vulnerability Detector - VDT and WDB Integration Tests implementation #1243

Merged 124 commits on Jan 27, 2022
Changes from 119 commits
8f651b8
Revised and implemented new test cases for Wazuh DB commands
MiguelazoDS Apr 8, 2021
9d2e925
Cleaning table at the end of the test cases.
MiguelazoDS Apr 8, 2021
ac905c5
Fix according to review
MiguelazoDS Apr 8, 2021
371f985
Added new test case for set triaged command
MiguelazoDS Apr 9, 2021
591183b
Changes according to review
MiguelazoDS Apr 9, 2021
b3cdbc0
Wazuh-db socket timeout validation
MiguelazoDS May 13, 2021
8faac81
Fixes for pycodestyle compliance
MiguelazoDS May 13, 2021
52ef4d3
Update tests/integration/test_wazuh_db/test_wazuh_db.py
MiguelazoDS May 13, 2021
3a62ae7
Update tests/integration/test_wazuh_db/test_wazuh_db.py
MiguelazoDS May 13, 2021
b1ea961
Update tests/integration/test_wazuh_db/test_wazuh_db.py
MiguelazoDS May 13, 2021
35cb40c
Code review changes
MiguelazoDS May 13, 2021
274dc37
Code review change
MiguelazoDS May 14, 2021
de48286
Code review change
MiguelazoDS May 14, 2021
71f251c
Added new wazuh-db integration tests
MiguelazoDS May 14, 2021
e2b01f1
Code review changes
MiguelazoDS May 14, 2021
2538764
Added new tests to documentation and minor comment fixes
MiguelazoDS May 17, 2021
d5ac04a
Fix timeout integration test
MiguelazoDS May 19, 2021
4110787
Updating IT with new vuln_cves fields
pereyra-m Jun 1, 2021
d4ca42c
Updating vuln_cves IT after review
pereyra-m Jun 2, 2021
6b5bbf7
Fixing tests after rebase
pereyra-m Nov 1, 2021
8c02b28
Adding comments and improving structure
pereyra-m Nov 1, 2021
2c2bd04
Fixing agent_messages tests after rebase
pereyra-m Nov 2, 2021
48ee29e
Remove ignore_time tests due to deprecation
BraulioV May 13, 2021
3bf30ea
Minor improvements in the code base
BraulioV May 18, 2021
f999f85
Add test: test_min_full_scan_interval
mdengra May 25, 2021
4910c84
Add test documentation
mdengra May 25, 2021
525bfdf
Update general info in test_general_settings documentation
mdengra May 25, 2021
58f2a58
Replace identity testing with equality testing in some sentences
mdengra May 25, 2021
dee9036
Change the way the distro name is parsed to avoid false negatives
mdengra May 26, 2021
0ed8677
Move interval_to_time_modifier function to time.py module of wazuh_te…
mdengra May 28, 2021
02e381e
Refactor test_min_full_scan_interval to use a minimal number of offli…
mdengra May 28, 2021
a2506f1
Update documentation #1359
mdengra May 28, 2021
af77f19
Use feed paths from vulnerability_detector module
mdengra May 31, 2021
6dfa4e3
Delete old offline feed files #1359
mdengra May 31, 2021
f9ab71c
Enable syscollector in manager
mdengra May 31, 2021
993040d
Use the wdb socket to make database changes
mdengra Jun 2, 2021
45cc1ba
Fix documentation #1359
mdengra Jun 7, 2021
9be0472
Modify the insert_package function of the vulnerability_detector modu…
mdengra Jun 7, 2021
8fdf1d3
Add test_partial_scan_type to vulnerability detector tests
mdengra Jun 8, 2021
194e509
Add documentation for test_partial_scan_type #1425
mdengra Jun 8, 2021
d20c8e0
Improve modify_nvd_metadata_vuldet function of vulnerability_detector…
mdengra Jun 9, 2021
2c10849
Change alerts.log to alerts.json as a file to process alerts
mdengra Jun 9, 2021
6d57a5e
Add test_baseline_scan_type to vulnerability detector tests
mdengra Jun 4, 2021
f10209e
Add documentation for test_baseline_scan_type
mdengra Jun 4, 2021
7cdceaf
Modify the insert_package function of the vulnerability_detector modu…
mdengra Jun 7, 2021
72c7fbc
Update documentation #1409
mdengra Jun 7, 2021
4eb20ce
Add modify_nvd_metadata_vuldet function to vulnerability_detector module
mdengra Jun 8, 2021
d37e61a
Fix some typos in the documentation
mdengra Jun 8, 2021
92f54b5
Change alerts.log to alerts.json as a file to process alerts
mdengra Jun 9, 2021
3c321fb
Add documentation for test_full_scan_type #1437
mdengra Jun 10, 2021
3f07749
Add test_full_scan_type to vulnerability detector tests
mdengra Jun 10, 2021
1543a59
Add test_alert_vulnerability_removal to vulnerability detector tests
mdengra Jun 9, 2021
e45ac23
Move test_alert_vulnerability_removal to test_scan_results category
mdengra Jun 9, 2021
68cb683
vuldet retry_interval setting test
MiguelazoDS Jun 17, 2021
7227125
Update docs/tests/integration/test_vulnerability_detector/test_genera…
MiguelazoDS Jun 23, 2021
1f3e4a8
Update tests/integration/test_vulnerability_detector/test_general_set…
MiguelazoDS Jun 23, 2021
8a676cc
Test unification and improvements.
MiguelazoDS Jun 23, 2021
54096a2
Removing local internal configuration from the Vulnerability Detector…
DProvinciani Jun 23, 2021
861c8a3
Update tests/integration/test_vulnerability_detector/test_general_set…
MiguelazoDS Jun 24, 2021
e50e860
Adding agent's OS info
pereyra-m Jun 9, 2021
2783102
Stabilize nvd scan result tests
Jun 11, 2021
4213c04
Insert OS info for redhat test
MiguelazoDS Jun 11, 2021
2afc461
Adding check_vulnerability_scan_inventory method
pereyra-m Jun 14, 2021
c17ac27
Add removed alerts and log functionality to VulnerabilityDetector
Jun 14, 2021
4797b15
Check vulnerabilities in alerts json file
MiguelazoDS Jun 14, 2021
79bcd7f
Ignore discarded vulnerabilities to be checked in log file
MiguelazoDS Jun 15, 2021
052531e
Add function to check kernel packages discarded in log file
MiguelazoDS Jun 15, 2021
a84b841
Checking inserted vulnerabilities in vuln_cves table
pereyra-m Jun 15, 2021
ea93eb8
Check discarded kernel packages for Debian and RH
MiguelazoDS Jun 15, 2021
bde3288
Reordering some methods calls
pereyra-m Jun 16, 2021
7e7514d
Add vulnerability removal checks
Jun 17, 2021
157c75f
Adding architecture check for vulnerabilities in the cves inventory f…
DProvinciani Jun 18, 2021
1e87d9f
Added architecture and version to vulnerability feeds
MiguelazoDS Jun 18, 2021
4a3ebde
pycodestyle compliance changes
MiguelazoDS Jun 22, 2021
8548208
Rebase fix
MiguelazoDS Jun 22, 2021
e8ddfde
Removed unneeded wazuh-db service restart
MiguelazoDS Jun 23, 2021
c9dc2a7
Fix test_windows ITs
MiguelazoDS Jun 28, 2021
c85df9c
Removing wazuh-db restart before tables removal
pereyra-m Jun 28, 2021
6c2d2ad
Disabling unused modules to improve stability
pereyra-m Jun 24, 2021
12d5804
Disabling modules in test_feeds tests
pereyra-m Jun 29, 2021
32be95f
Adding agent's OS info
pereyra-m Jun 9, 2021
03d4425
Reordering some methods calls
pereyra-m Jun 16, 2021
1550a98
Add vulnerability removal checks
Jun 17, 2021
bbe6a45
Checking score and severity for scan_results tests
pereyra-m Jun 17, 2021
0091945
Calculating severity from base_score
pereyra-m Jun 17, 2021
4f1d639
Updating MacOS test
pereyra-m Jun 17, 2021
0838895
Updating msu test
pereyra-m Jun 17, 2021
fff4168
Fixing RedHat test
pereyra-m Jun 17, 2021
3a1cd36
Fixing different_cves test
pereyra-m Jun 17, 2021
beab3e3
Updating scan_nvd test
pereyra-m Jun 18, 2021
e3065da
Fixing scan_providers_and_nvd test
pereyra-m Jun 19, 2021
df62643
Updating ubuntu test
pereyra-m Jun 19, 2021
aece591
Updating arch_linux test
pereyra-m Jun 19, 2021
20ada8b
Updating alert_vulnerability_removal test
pereyra-m Jun 19, 2021
6ae3bfd
Documenting new methods
pereyra-m Jun 22, 2021
4aa7e82
Fixing long lines and extra whitespaces
pereyra-m Jun 22, 2021
649279a
Updating check_vulnerability_scan_inventory for removed condition
pereyra-m Jun 24, 2021
03289a0
Fix after rebase
MiguelazoDS Sep 30, 2021
1fe59db
Disable unneeded modules
MiguelazoDS Oct 1, 2021
75d26fa
Fixing tests after rebase
pereyra-m Nov 5, 2021
74f1626
Fixing insert_package parameter list
pereyra-m Nov 8, 2021
bc9fc4a
Fixing scan providers and NVD feed test
pereyra-m Nov 8, 2021
f2ce2f3
Added removal vulnerability verification in ALAS
MiguelazoDS Nov 8, 2021
89245e0
Enabling authd for add_simulated_agent fixture
pereyra-m Nov 8, 2021
37d105f
Enabling skipped tests
pereyra-m Nov 8, 2021
c668ce7
Fixing fixture that adds package is not always executed
MiguelazoDS Nov 9, 2021
a12ba4d
Deprecate agent simulators
MiguelazoDS Nov 1, 2021
ae9a5a7
Code style fix
MiguelazoDS Nov 3, 2021
1dd1bf2
Code review changes
MiguelazoDS Nov 4, 2021
d65943d
Added check if score key exists
MiguelazoDS Nov 4, 2021
b5f86c5
Add friendly test IDs and in-code Documentation
Nov 5, 2021
88587c9
Code review fixes
Nov 9, 2021
6eb80c1
Update deps/wazuh_testing/wazuh_testing/wazuh_db.py
DProvinciani Nov 9, 2021
d5341b9
Update deps/wazuh_testing/wazuh_testing/vulnerability_detector.py
DProvinciani Nov 9, 2021
dae6d59
Merge pull request #1496 from wazuh/1261-cve-alerts-inventory
DProvinciani Nov 9, 2021
08dc7f7
Fixing error in expected output of Wazuh DB integration test
DProvinciani Nov 9, 2021
8d07c54
Restoring tests to skipped state
pereyra-m Nov 10, 2021
e093ae5
Setting a low retry_interval for scan_types tests
pereyra-m Nov 10, 2021
d1966af
Skip flaky tests using direct VulDet queries
Nov 10, 2021
5cf5fe5
fix: Remove stop wazuh-db
juliamagan Nov 15, 2021
f55d8e4
fix: Change `mock_agent` to `mock_agent_module`
juliamagan Nov 15, 2021
0ba0725
fix: Fix documentation
juliamagan Nov 15, 2021
55fdb68
Skip `test_wazuh_db_chunks` due to #2217
juliamagan Nov 15, 2021
5cf18aa
Merge branch 'master' of github.com:wazuh/wazuh-qa into dev-cves-aler…
jmv74211 Jan 18, 2022
5 changes: 2 additions & 3 deletions deps/wazuh_testing/wazuh_testing/remote.py
Expand Up @@ -8,10 +8,9 @@
import time

import pytest
import wazuh_testing.tools as tools
import wazuh_testing.tools.agent_simulator as ag
from wazuh_testing import TCP, UDP
from wazuh_testing.tools import file, monitoring
import wazuh_testing.tools as tools
from wazuh_testing import UDP, TCP
from wazuh_testing.tools.monitoring import FileMonitor
from wazuh_testing.tools.services import control_service

5 changes: 3 additions & 2 deletions deps/wazuh_testing/wazuh_testing/tools/__init__.py
Expand Up @@ -43,7 +43,7 @@
PREFIX = os.sep

WAZUH_CONF_RELATIVE = os.path.join('etc', 'ossec.conf')
WAZUH_LOCAL_INTERNAL_OPTIONS = os.path.join(f'{WAZUH_PATH}/etc', 'local_internal_options.conf')
WAZUH_LOCAL_INTERNAL_OPTIONS = os.path.join(WAZUH_PATH, 'etc', 'local_internal_options.conf')
WAZUH_CONF = os.path.join(WAZUH_PATH, WAZUH_CONF_RELATIVE)
WAZUH_API_CONF = os.path.join(WAZUH_PATH, 'api', 'configuration', 'api.yaml')
WAZUH_SECURITY_CONF = os.path.join(WAZUH_PATH, 'api', 'configuration', 'security', 'security.yaml')
Expand All @@ -58,7 +58,7 @@
ANALYSIS_STATISTICS_FILE = os.path.join(WAZUH_PATH, 'var', 'run', 'wazuh-analysisd.state')
UPGRADE_PATH = os.path.join(WAZUH_PATH, 'var', 'upgrade')
AGENT_AUTH_BINARY_PATH = os.path.join(WAZUH_PATH, 'bin', 'agent-auth')

GLOBAL_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'db', 'global.db')

try:
import grp
Expand Down Expand Up @@ -109,6 +109,7 @@ def get_service():

WAZUH_LOGS_PATH = os.path.join(WAZUH_PATH, 'logs')
ALERT_FILE_PATH = os.path.join(WAZUH_LOGS_PATH, 'alerts', 'alerts.json')
ALERT_LOGS_PATH = os.path.join(WAZUH_LOGS_PATH, 'alerts', 'alerts.log')
CLUSTER_LOGS_PATH = os.path.join(WAZUH_LOGS_PATH, 'cluster.log')
QUEUE_SOCKETS_PATH = os.path.join(WAZUH_PATH, 'queue', 'sockets')
QUEUE_ALERTS_PATH = os.path.join(WAZUH_PATH, 'queue', 'alerts')
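Review bot: `ALERT_FILE_PATH` (alerts.json) and `ALERT_LOGS_PATH` (alerts.log) in the paths block after `get_service()` differ by one word, and neither name says which format it points to, so a test can easily end up monitoring the wrong file. Names such as `ALERTS_JSON_PATH` and `ALERTS_LOG_PATH`, or a one-line comment on each constant, would make the distinction explicit.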
6 changes: 5 additions & 1 deletion deps/wazuh_testing/wazuh_testing/tools/monitoring.py
Expand Up @@ -321,7 +321,11 @@ def receive(self, size=False):
bytes: Socket message.
"""
if size:
size = wazuh_unpack(self.sock.recv(4, socket.MSG_WAITALL))
data = self.sock.recv(4, socket.MSG_WAITALL)
if not data:
output = bytes('', 'utf8')
return output
size = wazuh_unpack(data)
output = self.sock.recv(size, socket.MSG_WAITALL)
else:
output = self.sock.recv(4096)
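Review bot: in the `if size:` branch of `receive`, `if not data:` only covers a zero-length read, so a header of 1 to 3 bytes (for example the peer closing mid-header) still reaches `wazuh_unpack(data)`. Checking `len(data) < 4` would cover both cases, and the following `self.sock.recv(size, socket.MSG_WAITALL)` deserves the same length check against `size`. The early return can simply be `return b''` instead of building `bytes('', 'utf8')` into `output`, and the docstring should say that an empty result means the connection was closed, since callers cannot otherwise tell that apart from an empty payload.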
15 changes: 15 additions & 0 deletions deps/wazuh_testing/wazuh_testing/tools/time.py
Expand Up @@ -256,3 +256,18 @@ def time_to_seconds(time_):
def get_current_timestamp():
"""Get the current timestamp. For example: 1627028708.303002"""
return datetime.now().timestamp()


def interval_to_time_modifier(interval):
"""Convert a string with format (1s, 1m, 1h, 1d) to SQLite date modifier.

Args:
interval (str): Time interval string.

Returns:
str: SQLite date modifier.
"""
interval_units_dict = {'s': 'seconds', 'm': 'minutes', 'h': 'hours', 'd': 'days'}
time_value = interval[:-1]
time_unit = interval[-1]
return f"{time_value} {interval_units_dict[time_unit]}"
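Review bot: `interval_to_time_modifier` does not validate `interval`: an empty string raises IndexError at `interval[-1]`, an unknown unit raises KeyError from `interval_units_dict[time_unit]`, and `time_value` is copied into the result without any check that it is a number. Since the docstring says the result is a SQLite date modifier, match the input against a pattern such as `^\d+[smhd]$` first and raise ValueError naming the offending value, and document the accepted units and the exception in the docstring.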