Test Report

Result	Test	Duration
Passed	tests/end_to_end/test_virustotal_integration/test_virustotal_integration.py::test_virustotal_integration[remove_malicious_file]	55.87
-----------------------------Captured stdout setup------------------------------ PLAY [Test manager configuration] ******************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Configure Virustotal integration and active response] **************** changed: [wazuh-manager] TASK [Configure local rules virus total integration] *********************** changed: [wazuh-manager] TASK [Truncate alert.json] ************************************************* changed: [wazuh-manager] TASK [Restart the manager] ************************************************* changed: [wazuh-manager] PLAY [Test agent configuration] ******************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Configure syscheck] ************************************************** changed: [wazuh-agent] TASK [Add active response script] ****************************************** ok: [wazuh-agent] TASK [Install jq (CentOS)] ************************************************* changed: [wazuh-agent] TASK [Change remove-threat.sh owner and permissions] *********************** changed: [wazuh-agent] TASK [Restart the agent] *************************************************** changed: [wazuh-agent] PLAY RECAP ******************************************************************* wazuh-agent : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 { "ansible_connection": "ssh", "ansible_python_interpreter": "/usr/bin/python3", "ansible_ssh_private_key_file": "/home/juliamagan/Desktop/QA/2893/.vagrant/machines/centos_manager/virtualbox/private_key", "ansible_user": "vagrant", "aws_access_key_id": "AKIA6B6B4XJHMKALDJGT", "aws_region": "us-east-1", "aws_secret_access_key": "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", "bucket_name": "aws-cloudtrail-logs-966237403726-09245154", "dashboard_password": "l1+ut5xmuZHIHCLidsic5m6q6MzvuUs", "dashboard_user": "admin", "ip_address": "172.17.1.65", "s3_url": "https://s3.amazonaws.com/ci.wazuh.com/qa/testing_files/end_to_end", "slack_channel": "C03EZKLR682", "slack_token": "xoxb-746532534132-3509688290194-ITgoGLhy542RzfE7p2FxVHVN", "virustotal_key": "3e4db70c621cd9dd9e3400254297eea03215987facca9931a42dcb86ffb8aa78", "web_hook_url": "https://hooks.slack.com/services/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" } PLAY [Generate events] ****************************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Download malicious file] ********************************************* changed: [wazuh-agent] TASK [Wait for alert] ****************************************************** ok: [wazuh-agent] PLAY [Get logs] ************************************************************ TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Get alerts.json] ***************************************************** changed: [wazuh-manager] PLAY RECAP ******************************************************************* wazuh-agent : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 -------------------------------Captured log call-------------------------------- WARNING root:utils.py:46 Exception: "Alert not indexed". 2/3 remaining attempts. Waiting 10 seconds.
Passed	tests/end_to_end/test_virustotal_integration/test_virustotal_integration.py::test_virustotal_integration[harmless_file]	50.72
-----------------------------Captured stdout setup------------------------------ PLAY [Generate events] ******************************************************* TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Create harmless file] ************************************************ changed: [wazuh-agent] TASK [Wait for alert] ****************************************************** ok: [wazuh-agent] PLAY [Get logs] ************************************************************ TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Get alerts.json] ***************************************************** changed: [wazuh-manager] PLAY RECAP ***************************************************************** wazuh-agent : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 -------------------------------Captured log call-------------------------------- WARNING root:utils.py:46 Exception: "Alert not indexed". 2/3 remaining attempts. Waiting 10 seconds. ----------------------------Captured stdout teardown---------------------------- PLAY [Cleanup manager environment] ***************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Delete Virustotal integration and active response configuration] ***** changed: [wazuh-manager] TASK [Delete local rules virus total integration] ************************** changed: [wazuh-manager] TASK [Restart wazuh-manager] *********************************************** changed: [wazuh-manager] PLAY [Cleanup agent environment] ******************************************* TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Delete syscheck configuration] *************************************** changed: [wazuh-agent] TASK [Delete active response script] *************************************** ok: [wazuh-agent] TASK [Delete created file] ************************************************* changed: [wazuh-agent] TASK [Restart wazuh-agent] ************************************************* changed: [wazuh-agent] PLAY RECAP ******************************************************************* wazuh-agent : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0

-----------------------------Captured stdout setup------------------------------
PLAY [Test manager configuration] ********************************************** TASK [Gathering Facts] ********************************************************* ok: [wazuh-manager] TASK [Configure Virustotal integration and active response] ******************** changed: [wazuh-manager] TASK [Configure local rules virus total integration] *************************** changed: [wazuh-manager] TASK [Truncate alert.json] ***************************************************** changed: [wazuh-manager] TASK [Restart the manager] ***************************************************** changed: [wazuh-manager] PLAY [Test agent configuration] ************************************************ TASK [Gathering Facts] ********************************************************* ok: [wazuh-agent] TASK [Configure syscheck] ****************************************************** changed: [wazuh-agent] TASK [Add active response script] ********************************************** ok: [wazuh-agent] TASK [Install jq (CentOS)] ***************************************************** changed: [wazuh-agent] TASK [Change remove-threat.sh owner and permissions] *************************** changed: [wazuh-agent] TASK [Restart the agent] ******************************************************* changed: [wazuh-agent] PLAY RECAP ********************************************************************* wazuh-agent : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 { "ansible_connection": "ssh", "ansible_python_interpreter": "/usr/bin/python3", "ansible_ssh_private_key_file": "/home/juliamagan/Desktop/QA/2893/.vagrant/machines/centos_manager/virtualbox/private_key", "ansible_user": "vagrant", "aws_access_key_id": "AKIA6B6B4XJHMKALDJGT", "aws_region": "us-east-1", "aws_secret_access_key": "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", "bucket_name": "aws-cloudtrail-logs-966237403726-09245154", "dashboard_password": "l1+ut5xmuZHIHCLidsi*c5m6q6MzvuUs", "dashboard_user": "admin", "ip_address": "172.17.1.65", "s3_url": "https://s3.amazonaws.com/ci.wazuh.com/qa/testing_files/end_to_end", "slack_channel": "C03EZKLR682", "slack_token": "xoxb-746532534132-3509688290194-ITgoGLhy542RzfE7p2FxVHVN", "virustotal_key": "3e4db70c621cd9dd9e3400254297eea03215987facca9931a42dcb86ffb8aa78", "web_hook_url": "https://hooks.slack.com/services/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" } PLAY [Generate events] ********************************************************* TASK [Gathering Facts] ********************************************************* ok: [wazuh-agent] TASK [Download malicious file] ************************************************* changed: [wazuh-agent] TASK [Wait for alert] ********************************************************** ok: [wazuh-agent] PLAY [Get logs] **************************************************************** TASK [Gathering Facts] ********************************************************* ok: [wazuh-manager] TASK [Get alerts.json] ********************************************************* changed: [wazuh-manager] PLAY RECAP ********************************************************************* wazuh-agent : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0
-------------------------------Captured log call--------------------------------
WARNING root:utils.py:46 Exception: "Alert not indexed". 2/3 remaining attempts. Waiting 10 seconds.

Packages	{"pluggy": "0.13.1", "py": "1.10.0", "pytest": "6.2.2"}
Platform	Linux-5.18.10-76051810-generic-x86_64-with-glibc2.35
Plugins	{"html": "3.1.1", "metadata": "2.0.1", "testinfra": "5.0.0"}
Python	3.9.7

3174-3-test-virustotal-integration.html

Environment

Summary

Results

Result	Test	Duration
No results found. Try to check the filters
Passed	tests/end_to_end/test_virustotal_integration/test_virustotal_integration.py::test_virustotal_integration[remove_malicious_file]	55.87
-----------------------------Captured stdout setup------------------------------ PLAY [Test manager configuration] ******************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Configure Virustotal integration and active response] **************** changed: [wazuh-manager] TASK [Configure local rules virus total integration] *********************** changed: [wazuh-manager] TASK [Truncate alert.json] ************************************************* changed: [wazuh-manager] TASK [Restart the manager] ************************************************* changed: [wazuh-manager] PLAY [Test agent configuration] ******************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Configure syscheck] ************************************************** changed: [wazuh-agent] TASK [Add active response script] ****************************************** ok: [wazuh-agent] TASK [Install jq (CentOS)] ************************************************* changed: [wazuh-agent] TASK [Change remove-threat.sh owner and permissions] *********************** changed: [wazuh-agent] TASK [Restart the agent] *************************************************** changed: [wazuh-agent] PLAY RECAP ******************************************************************* wazuh-agent : ok=6 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=5 changed=4 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 { "ansible_connection": "ssh", "ansible_python_interpreter": "/usr/bin/python3", "ansible_ssh_private_key_file": "/home/juliamagan/Desktop/QA/2893/.vagrant/machines/centos_manager/virtualbox/private_key", "ansible_user": "vagrant", "aws_access_key_id": "AKIA6B6B4XJHMKALDJGT", "aws_region": "us-east-1", "aws_secret_access_key": "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", "bucket_name": "aws-cloudtrail-logs-966237403726-09245154", "dashboard_password": "l1+ut5xmuZHIHCLidsic5m6q6MzvuUs", "dashboard_user": "admin", "ip_address": "172.17.1.65", "s3_url": "https://s3.amazonaws.com/ci.wazuh.com/qa/testing_files/end_to_end", "slack_channel": "C03EZKLR682", "slack_token": "xoxb-746532534132-3509688290194-ITgoGLhy542RzfE7p2FxVHVN", "virustotal_key": "3e4db70c621cd9dd9e3400254297eea03215987facca9931a42dcb86ffb8aa78", "web_hook_url": "https://hooks.slack.com/services/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" } PLAY [Generate events] ****************************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Download malicious file] ********************************************* changed: [wazuh-agent] TASK [Wait for alert] ****************************************************** ok: [wazuh-agent] PLAY [Get logs] ************************************************************ TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Get alerts.json] ***************************************************** changed: [wazuh-manager] PLAY RECAP ******************************************************************* wazuh-agent : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 -------------------------------Captured log call-------------------------------- WARNING root:utils.py:46 Exception: "Alert not indexed". 2/3 remaining attempts. Waiting 10 seconds.
Passed	tests/end_to_end/test_virustotal_integration/test_virustotal_integration.py::test_virustotal_integration[harmless_file]	50.72
-----------------------------Captured stdout setup------------------------------ PLAY [Generate events] ******************************************************* TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Create harmless file] ************************************************ changed: [wazuh-agent] TASK [Wait for alert] ****************************************************** ok: [wazuh-agent] PLAY [Get logs] ************************************************************ TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Get alerts.json] ***************************************************** changed: [wazuh-manager] PLAY RECAP ***************************************************************** wazuh-agent : ok=3 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=2 changed=1 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 -------------------------------Captured log call-------------------------------- WARNING root:utils.py:46 Exception: "Alert not indexed". 2/3 remaining attempts. Waiting 10 seconds. ----------------------------Captured stdout teardown---------------------------- PLAY [Cleanup manager environment] ***************************************** TASK [Gathering Facts] ***************************************************** ok: [wazuh-manager] TASK [Delete Virustotal integration and active response configuration] ***** changed: [wazuh-manager] TASK [Delete local rules virus total integration] ************************** changed: [wazuh-manager] TASK [Restart wazuh-manager] *********************************************** changed: [wazuh-manager] PLAY [Cleanup agent environment] ******************************************* TASK [Gathering Facts] ***************************************************** ok: [wazuh-agent] TASK [Delete syscheck configuration] *************************************** changed: [wazuh-agent] TASK [Delete active response script] *************************************** ok: [wazuh-agent] TASK [Delete created file] ************************************************* changed: [wazuh-agent] TASK [Restart wazuh-agent] ************************************************* changed: [wazuh-agent] PLAY RECAP ******************************************************************* wazuh-agent : ok=5 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 wazuh-manager : ok=4 changed=3 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0