Merge pull request #2027 from wazuh/2022-fix-macos-logcollector-tests

Fix test_macos_log_format_only_future_event

deps/wazuh_testing/wazuh_testing/logcollector.py

@@ -93,6 +93,16 @@ def callback_analyzing_file(file):
     return monitoring.make_callback(pattern=msg, prefix=prefix, escape=True)
 
 
+def callback_macos_log(msg):
+    """Create a callback to detect macos log.
+    Args:
+        msg (str): macOS message.
+    Returns:
+        callable: callback to detect this event.
+    """
+    return monitoring.make_callback(pattern=msg, prefix=prefix)
+
+
 def callback_removed_file(file):
     """Create a callback to detect if logcollector has detected that a monitored file has been deleted.
     Args:

deps/wazuh_testing/wazuh_testing/tools/configuration.py

@@ -620,7 +620,7 @@ def get_local_internal_options_dict():
     with open(WAZUH_LOCAL_INTERNAL_OPTIONS, 'r') as local_internal_option_file:
         configuration_options = local_internal_option_file.readlines()
         for configuration_option in configuration_options:
-            if not configuration_option.startswith('#'):
+            if not configuration_option.startswith('#')  and not configuration_option=='\n':
                 option_name, option_value = configuration_option.split('=')
                 local_internal_option_dict[option_name] = option_value
 

tests/integration/test_logcollector/conftest.py

@@ -66,23 +66,3 @@ def init_authd_remote_simulator(get_connection_configuration, request):
 
     remoted_simulator.stop()
     authd_simulator.shutdown()
-
-
-@pytest.fixture(scope="package", autouse=True)
-def configure_local_internal_options_logcollector():
-    """Configure Wazuh with local internal options required for logcollector tests."""
-    backup_options_lines = conf.get_wazuh_local_internal_options()
-    backup_options_dict = conf.local_internal_options_to_dict(backup_options_lines)
-
-    if backup_options_dict != LOGCOLLECTOR_DEFAULT_LOCAL_INTERNAL_OPTIONS:
-        conf.add_wazuh_local_internal_options(LOGCOLLECTOR_DEFAULT_LOCAL_INTERNAL_OPTIONS)
-
-        control_service('restart')
-
-        yield
-
-        conf.set_wazuh_local_internal_options(backup_options_lines)
-
-        control_service('restart')
-    else:
-        yield

tests/integration/test_logcollector/test_macos/data/wazuh_macos_format_basic.yaml

@@ -13,4 +13,6 @@
           value: 'macos'
       - log_format:
           value: 'macos'
+      - query:
+         value: 'process=="custom_log" OR process=="logger"'
 

tests/integration/test_logcollector/test_macos/data/wazuh_macos_format_only_future_events.yaml

@@ -3,14 +3,6 @@
   apply_to_modules:
   - test_macos_format_only_future_events
   sections:
-  - section: client
-    elements:
-        - server:
-            elements:
-            - address:
-                value: '127.0.0.1'
-            - protocol:
-                value: 'tcp'
   - section: localfile
     elements:
       - location:

tests/integration/test_logcollector/test_macos/test_macos_format_basic.py

@@ -4,10 +4,12 @@
 
 import os
 import pytest
+import time
 
 import wazuh_testing.logcollector as logcollector
 from wazuh_testing.tools.configuration import load_wazuh_configurations
-from wazuh_testing.remote import check_agent_received_message
+from wazuh_testing.tools.services import control_service
+
 # Marks
 pytestmark = [pytest.mark.darwin, pytest.mark.tier(level=0)]
 
@@ -17,17 +19,29 @@
 
 configurations = load_wazuh_configurations(configurations_path, __name__)
 
+daemons_handler_configuration = {'daemons': ['wazuh-logcollector']}
+
+local_internal_options = {'logcollector.debug': 2,
+                          'logcollector.sample_log_length': 200}
+
 macos_log_messages = [
     {
         'command': 'os_log',
         'type': 'log',
         'level': 'error',
         'subsystem': 'testing.wazuh-agent.macos',
         'category': 'category',
-        'id': 'example'
+        'id': 'os_log_command'
+    },
+    {
+        'command': 'logger',
+        'message': 'Logger message example',
+        'id': 'logger_command'
     }
 ]
 
+macos_log_message_timeout = 40
+macos_monitoring_macos_log_timeout = 30
 
 # fixtures
 @pytest.fixture(scope="module", params=configurations)
@@ -37,15 +51,22 @@ def get_configuration(request):
 
 
 @pytest.fixture(scope="module")
-def get_connection_configuration():
-    """Get configurations from the module."""
-    return logcollector.DEFAULT_AUTHD_REMOTED_SIMULATOR_CONFIGURATION
+def up_wazuh_after_module():
+
+    yield
+    control_service('restart')
+
+@pytest.fixture(scope="function")
+def restart_logcollector_function():
+    control_service('restart', 'wazuh-logcollector')
+
 
 
 @pytest.mark.parametrize('macos_message', macos_log_messages,
                          ids=[log_message['id'] for log_message in macos_log_messages])
-def test_macos_format_basic(get_configuration, configure_environment, get_connection_configuration,
-                            init_authd_remote_simulator, macos_message, restart_logcollector):
+def test_macos_format_basic(get_configuration, configure_environment, configure_local_internal_options_module,
+                            macos_message, file_monitoring, daemons_handler, up_wazuh_after_module,
+                            restart_logcollector_function):
 
     """Check if logcollector gather correctly macOS unified logging system events.
 
@@ -58,10 +79,11 @@ def test_macos_format_basic(get_configuration, configure_environment, get_connec
     expected_macos_message = ""
     log_command = macos_message['command']
 
-    macos_logcollector_monitored = logcollector.callback_monitoring_macos_logs
-    wazuh_log_monitor.start(timeout=30, callback=macos_logcollector_monitored,
+    log_monitor.start(timeout=macos_monitoring_macos_log_timeout, callback=logcollector.callback_monitoring_macos_logs,
                             error_message=logcollector.GENERIC_CALLBACK_ERROR_TARGET_SOCKET)
 
+    time.sleep(3)
+
     if log_command == 'logger':
         logcollector.generate_macos_logger_log(macos_message['message'])
         expected_macos_message = logcollector.format_macos_message_pattern(macos_message['command'],
@@ -75,4 +97,5 @@ def test_macos_format_basic(get_configuration, configure_environment, get_connec
                                                 logcollector.TEMPLATE_OSLOG_MESSAGE, 'log', macos_message['subsystem'],
                                                 macos_message['category'])
 
-    check_agent_received_message(remoted_simulator.rcv_msg_queue, expected_macos_message, timeout=40)
+    log_monitor.start(timeout=macos_log_message_timeout, callback=logcollector.callback_macos_log(expected_macos_message),
+                            error_message=logcollector.GENERIC_CALLBACK_ERROR_TARGET_SOCKET)

tests/integration/test_logcollector/test_macos/test_macos_format_only_future_events.py

@@ -3,12 +3,15 @@
 # This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
 import fnmatch
 import os
+import time
 
 import pytest
 from wazuh_testing import logcollector
+from wazuh_testing.tools import LOG_FILE_PATH
 from wazuh_testing.tools.configuration import load_wazuh_configurations
-from wazuh_testing.remote import check_agent_received_message
 from wazuh_testing.tools.services import control_service
+from wazuh_testing.tools.file import truncate_file
+from wazuh_testing.tools.monitoring import FileMonitor
 
 # Marks
 
@@ -25,6 +28,14 @@
 configuration_ids = [f"{x['ONLY_FUTURE_EVENTS']}" for x in parameters]
 
 
+daemons_handler_configuration = {'daemons': ['wazuh-logcollector']}
+
+local_internal_options = {'logcollector.debug': 2,
+                          'logcollector.sample_log_length': 100}
+
+macos_log_message_timeout = 40
+macos_monitoring_macos_log_timeout = 30
+macos_monitoring_timout_after_logcollector_started = 3
 # Fixtures
 @pytest.fixture(scope="module", params=configurations, ids=configuration_ids)
 def get_configuration(request):
@@ -38,45 +49,65 @@ def get_connection_configuration():
     return logcollector.DEFAULT_AUTHD_REMOTED_SIMULATOR_CONFIGURATION
 
 
-def test_macos_format_only_future_events(get_configuration, configure_environment, get_connection_configuration,
-                                         init_authd_remote_simulator, restart_logcollector):
+@pytest.fixture(scope="module")
+def up_wazuh_after_module():
+
+    yield
+    control_service('restart')
+
+
+@pytest.fixture(scope="module")
+def get_connection_configuration():
+    """Get configurations from the module."""
+    return logcollector.DEFAULT_AUTHD_REMOTED_SIMULATOR_CONFIGURATIO
+
+def test_macos_format_only_future_events(get_configuration, configure_environment,
+                                         configure_local_internal_options_module,
+                                         daemons_handler, file_monitoring, up_wazuh_after_module):
     """Check if logcollector use correctly only-future-events option using macos log format.
 
     Raises:
         TimeoutError: If the expected callback is not generated.
     """
+    log_monitor = FileMonitor(LOG_FILE_PATH)
 
     macos_logcollector_monitored = logcollector.callback_monitoring_macos_logs
-    wazuh_log_monitor.start(timeout=30, callback=macos_logcollector_monitored,
+    log_monitor.start(timeout=30, callback=macos_logcollector_monitored,
                             error_message=logcollector.GENERIC_CALLBACK_ERROR_TARGET_SOCKET)
 
+    time.sleep(macos_monitoring_timout_after_logcollector_started)
+
     only_future_events = get_configuration['metadata']['only-future-events']
 
     old_message = 'Old logger message'
     new_message = 'New logger message'
 
     logcollector.generate_macos_logger_log(old_message)
     expected_old_macos_message = logcollector.format_macos_message_pattern('logger', old_message)
-    check_agent_received_message(remoted_simulator.rcv_msg_queue, expected_old_macos_message, timeout=40)
+
+
+    log_monitor.start(timeout=macos_log_message_timeout, 
+                              callback=logcollector.callback_macos_log(expected_old_macos_message))
 
     ## Stop wazuh agent and ensure it gets old macos messages if only-future-events option is disabled
 
-    control_service('restart')
+    control_service('stop')
 
-    macos_logcollector_monitored = logcollector.callback_monitoring_macos_logs
+    truncate_file(LOG_FILE_PATH)
+    log_monitor = FileMonitor(LOG_FILE_PATH)
+    logcollector.generate_macos_logger_log(old_message)
 
-    wazuh_log_monitor.start(timeout=30, callback=macos_logcollector_monitored,
-                            error_message=logcollector.GENERIC_CALLBACK_ERROR_TARGET_SOCKET)
+    control_service('start')
 
-    if only_future_events:
+    if only_future_events == 'yes':
         with pytest.raises(TimeoutError):
-            check_agent_received_message(remoted_simulator.rcv_msg_queue, expected_old_macos_message, timeout=40)
+            log_monitor.start(timeout=macos_log_message_timeout, callback=logcollector.callback_macos_log(expected_old_macos_message))
 
     else:
-        check_agent_received_message(remoted_simulator.rcv_msg_queue, expected_old_macos_message, timeout=40)
+        log_monitor.start(timeout=macos_log_message_timeout, callback=logcollector.callback_macos_log(expected_old_macos_message))
 
     logcollector.generate_macos_logger_log(new_message)
 
     expected_new_macos_message = logcollector.format_macos_message_pattern('logger', new_message)
-
-    check_agent_received_message(remoted_simulator.rcv_msg_queue, expected_new_macos_message, timeout=40)
+    log_monitor.start(timeout=macos_log_message_timeout, callback=logcollector.callback_macos_log(expected_new_macos_message),
+                error_message=logcollector.GENERIC_CALLBACK_ERROR_TARGET_SOCKET)