fix: test_fim fixed. #2830
mauromalara committed Aug 15, 2022
1 parent 8b8f33e commit 5fb7fde
Showing 2 changed files with 5 additions and 4 deletions.
4 changes: 2 additions & 2 deletions tests/end_to_end/test_fim/data/playbooks/generate_events.yaml
@@ -18,13 +18,13 @@
path: "{{ path }}"
state: "{{ state }}"
mode: "{{ mode }}"
when: os == "Linux"
when: ansible_system == os

- name: "{{ event_description }}"
win_file:
path: "{{ path }}"
state: "{{ state }}"
when: os == ansible_facts['os_family']
when: ansible_facts['os_family'] == os

- name: Get alerts
hosts: wazuh-manager
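Review bot: The two `when:` conditions read facts from different namespaces: the `file` task uses the injected top-level `ansible_system`, while the `win_file` task uses `ansible_facts['os_family']`. The top-level form only resolves while fact injection (`inject_facts_as_vars`) is left enabled, so `when: ansible_facts['system'] == os` would be the more robust and consistent spelling. Both conditions also depend on the caller passing `os` as the exact fact string, so a short comment above each task naming the accepted values would help; presumably these are `Linux` and `Windows`, which the hunk does not show. The play header is outside the hunk, so whether facts are gathered for these hosts should be confirmed there.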
5 changes: 3 additions & 2 deletions tests/end_to_end/test_fim/test_fim.py
@@ -28,13 +28,14 @@ def test_fim(configure_environment, metadata, get_dashboard_credentials, generat
rule_level = metadata['rule.level']
rule_description = metadata['rule.description']
syscheck_path = metadata['extra']['syscheck.path']
timestamp = r'\d+\-\d+\-\w+\:\d+\:\d+\.\d+[+|-]\d+'

expected_alert_json = fr'\{{"timestamp":"(\d+\-\d+\-\w+\:\d+\:\d+\.\d+\+\d+)","rule":{{"level":{rule_level},' \
expected_alert_json = fr'.*\{{"timestamp":"({timestamp})","rule":{{"level":{rule_level},' \
fr'"description":"{rule_description}","id":"{rule_id}".*"syscheck":{{"path":' \
fr'"{syscheck_path}".*\}}'

expected_indexed_alert = fr'.*"path": "{syscheck_path}".*"rule":.*"level": {rule_level},.*"description": ' \
fr'"{rule_description}".*"timestamp": "(\d+\-\d+\-\w+\:\d+\:\d+\.\d+\+\d+)".*'
fr'"{rule_description}".*"timestamp": "({timestamp})".*'

# Check that alert has been raised and save timestamp
raised_alert = evm.check_event(callback=expected_alert_json, file_to_monitor=alerts_json,
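Review bot: The character class `[+|-]` in the new `timestamp` pattern also accepts a literal `|` as the UTC-offset sign, because `|` is not alternation inside brackets. The line should read `timestamp = r'\d+\-\d+\-\w+\:\d+\:\d+\.\d+[+-]\d+'`. Separately, `rule_description` and `syscheck_path` are still interpolated into both patterns unescaped. If the metadata holds literal text rather than regex fragments, a `.` or a Windows-style backslash in a path would be read as regex syntax; wrapping those values in `re.escape()` would make the FIM alert match exact. The body of `test_fim` starts and ends outside the hunk, so how `check_event` applies the pattern is not visible here.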
