Skip to content

Commit

Permalink
up
Browse files Browse the repository at this point in the history
  • Loading branch information
blotus committed Oct 8, 2024
1 parent 607fd65 commit 3209b2d
Showing 1 changed file with 30 additions and 6 deletions.
36 changes: 30 additions & 6 deletions pkg/acquisition/modules/wineventlog/wineventlog_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -240,23 +240,40 @@ func TestOneShotAcquisition(t *testing.T) {
}

tests := []struct {
name string
dsn string
expectedCount int
expectedErr string
name string
dsn string
expectedCount int
expectedErr string
expectedConfigureErr string
}{
{
name: "non-existing file",
dsn: `wineventlog://foo.evtx`,
expectedCount: 0,
expectedErr: "The system cannot find the file specified.",
},
{
name: "empty DSN",
dsn: `wineventlog://`,
expectedCount: 0,
expectedConfigureErr: "empty wineventlog:// DSN",
},
{
name: "existing file",
dsn: `wineventlog://test_files/Setup.evtx`,
expectedCount: 24,
expectedErr: "",
},
{
name: "filter on event_id",
dsn: `wineventlog://test_files/Setup.evtx?event_id=2`,
expectedCount: 1,
},
{
name: "filter on event_id",
dsn: `wineventlog://test_files/Setup.evtx?event_id=2&event_id=3`,
expectedCount: 24,
},
}

exprhelpers.Init(nil)
Expand All @@ -267,7 +284,14 @@ func TestOneShotAcquisition(t *testing.T) {
to := &tomb.Tomb{}
c := make(chan types.Event)
f := WinEventLogSource{}
f.ConfigureByDSN(test.dsn, map[string]string{"type": "wineventlog"}, log.WithField("type", "windowseventlog"), "")
err := f.ConfigureByDSN(test.dsn, map[string]string{"type": "wineventlog"}, log.WithField("type", "windowseventlog"), "")

if test.expectedConfigureErr != "" {
assert.Contains(t, err.Error(), test.expectedConfigureErr)
return
}

require.NoError(t, err)

go func() {
for {
Expand All @@ -280,7 +304,7 @@ func TestOneShotAcquisition(t *testing.T) {
}
}()

err := f.OneShotAcquisition(c, to)
err = f.OneShotAcquisition(c, to)
if test.expectedErr != "" {
assert.Contains(t, err.Error(), test.expectedErr)
} else {
Expand Down

0 comments on commit 3209b2d

Please sign in to comment.