From 184e88ddafb0b56cc25ba70d428dc68a71ffd1dd Mon Sep 17 00:00:00 2001
From: Julien Doutre
Date: Thu, 2 Dec 2021 16:38:40 +0100
Subject: [PATCH] Less verbose integration test output
---
 tools/tests/test_backend_datadog.py | 128 ++++++++++++++++------------
 1 file changed, 74 insertions(+), 54 deletions(-)
diff --git a/tools/tests/test_backend_datadog.py b/tools/tests/test_backend_datadog.py
index 6c169a330..11de22776 100644
--- a/tools/tests/test_backend_datadog.py
+++ b/tools/tests/test_backend_datadog.py
@@ -1,3 +1,19 @@
+# Output backends for sigmac
+# Copyright 2021 Datadog, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License for more details.
+
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program. If not, see .
+
 import os
 import yaml
 
@@ -17,60 +33,6 @@ class TestDatadogBackend(unittest.TestCase):
 "detection": {"selection": {"attribute": "test"}, "condition": "selection"}
 }
 
- def generate_query(
- self, rule, backend_options=dict(), config=dict(), fieldmappings=dict()
- ):
- cfg = SigmaConfiguration()
- cfg.config = config
- cfg.fieldmappings = fieldmappings
- backend = DatadogLogsBackend(cfg, backend_options)
- parser = SigmaParser(rule, cfg)
-
- return backend.generate(parser)
-
- def test_all_sigma_rules(self):
- """Test the Datadog backend over all the Sigma rules in the repository."""
-
- skipped = 0
- errors = 0
- successes = 0
- total = 0
-
- config = SigmaConfiguration()
- backend = DatadogLogsBackend(config)
-
- for (dirpath, _, filenames) in os.walk("../rules"):
- for filename in filenames:
- if filename.endswith(".yaml") or filename.endswith(".yml"):
- with self.subTest(filename):
- rule_path = os.path.join(dirpath, filename)
-
- with open(rule_path, "r") as rule_file:
- total += 1
- parser = SigmaParser(yaml.safe_load(rule_file), config)
-
- try:
- query = backend.generate(parser)
- except NotImplementedError as err:
- print("[SKIPPED] {}: {}".format(rule_path, err))
- skipped += 1
- except BaseException as err:
- print("[FAILED] {}: {}".format(rule_path, err))
- errors += 1
- else:
- print("[OK] {}".format(rule_path))
- successes += 1
-
- print("\n==========Statistics==========\n")
- print(
- "SUCCESSES: {}/{} ({:.2f}%)".format(
- successes, total, successes / total * 100
- )
- )
- print("SKIPPED: {}/{} ({:.2f}%)".format(skipped, total, skipped / total * 100))
- print("ERRORS: {}/{} ({:.2f}%)".format(errors, total, errors / total * 100))
- print("\n==============================\n")
-
 def test_attribute(self):
 query = self.generate_query(self.basic_rule)
 expected_query = "@attribute:test"
@@ -110,3 +72,61 @@ class TestDatadogBackend(unittest.TestCase):
 )
 expected_query = "@another_attribute:test"
 self.assertEqual(query, expected_query)
+
+ def generate_query(
+ self, rule, backend_options=dict(), config=dict(), fieldmappings=dict()
+ ):
+ cfg = SigmaConfiguration()
+ cfg.config = config
+ cfg.fieldmappings = fieldmappings
+ backend = DatadogLogsBackend(cfg, backend_options)
+ parser = SigmaParser(rule, cfg)
+
+ return backend.generate(parser)
+
+ def test_all_sigma_rules(self):
+ """Test the Datadog backend over all the Sigma rules in the repository."""
+ verbose_report = False
+
+ skipped = 0
+ errors = 0
+ successes = 0
+ total = 0
+
+ config = SigmaConfiguration()
+ backend = DatadogLogsBackend(config)
+
+ for (dirpath, _, filenames) in os.walk("../rules"):
+ for filename in filenames:
+ if filename.endswith(".yaml") or filename.endswith(".yml"):
+ with self.subTest(filename):
+ rule_path = os.path.join(dirpath, filename)
+
+ with open(rule_path, "r") as rule_file:
+ total += 1
+ parser = SigmaParser(yaml.safe_load(rule_file), config)
+
+ try:
+ query = backend.generate(parser)
+ except NotImplementedError as err:
+ if verbose_report:
+ print("[SKIPPED] {}: {}".format(rule_path, err))
+ skipped += 1
+ except BaseException as err:
+ if verbose_report:
+ print("[FAILED] {}: {}".format(rule_path, err))
+ errors += 1
+ else:
+ if verbose_report:
+ print("[OK] {}".format(rule_path))
+ successes += 1
+
+ print("\n==========Statistics==========\n")
+ print(
+ "SUCCESSES: {}/{} ({:.2f}%)".format(
+ successes, total, successes / total * 100
+ )
+ )
+ print("SKIPPED: {}/{} ({:.2f}%)".format(skipped, total, skipped / total * 100))
+ print("ERRORS: {}/{} ({:.2f}%)".format(errors, total, errors / total * 100))
+ print("\n==============================\n")
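Review bot: In `test_all_sigma_rules`, the `except BaseException` branch now counts a failure without printing anything, because `verbose_report` is hard-coded to `False`, and nothing in the visible lines asserts on `errors`; a backend regression that breaks conversion of many detection rules would surface only as a shifted percentage in the statistics block. `BaseException` also swallows `KeyboardInterrupt` and `SystemExit`, so narrowing it to `except Exception as err:` is safer. Consider keeping the `[FAILED]` line unconditional (or driving the flag from the environment) so the failing rule paths stay recoverable from CI logs. Separately, if `os.walk("../rules")` yields nothing because the working directory differs, `total` stays 0 and the percentage prints raise `ZeroDivisionError`; a guard such as `self.assertGreater(total, 0)` before the statistics would make that failure explicit.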