doc: Add test_registry_basic_usage of test_fim/test_registry document…

…ation in QA Docs style

The following tests have been documentated:
  * test_basic_usage_registry_changes.py
  * test_basic_usage_registry_new_key.py
  * test_long_registry_path.py
The current scheme of the issue #1694 has been used.
Updated config.yaml
PEP-8 fixes.

Closes: #2062

docs/DocGenerator/config.yaml

@@ -75,6 +75,7 @@ Ignore paths:
   - "../../tests/integration/test_fim/test_files/test_wildcards_complex/data"
   - "../../tests/integration/test_fim/test_files/test_windows_audit_interval/data"
   - "../../tests/integration/test_fim/test_registry/test_registry_ambiguous_confs/data"
+  - "../../tests/integration/test_fim/test_registry/test_registry_basic_usage/data"
 
 Output fields:
   Module:

tests/integration/test_fim/test_registry/test_registry_basic_usage/test_basic_usage_registry_changes.py

@@ -1,7 +1,57 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
 
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: File Integrity Monitoring (FIM) system watches selected files and triggering alerts when
+       these files are modified. Specifically, these tests will check if FIM detects correctly
+       common operations ('add', 'modify', and 'delete') on monitored registry entries.
+       The FIM capability is managed by the 'wazuh-syscheckd' daemon, which checks configured
+       files for changes to the checksums, permissions, and ownership.
+
+tier: 0
+
+modules:
+    - fim
+
+components:
+    - agent
+
+daemons:
+    - wazuh-syscheckd
+
+os_platform:
+    - windows
+
+os_version:
+    - Windows 10
+    - Windows 8
+    - Windows 7
+    - Windows Server 2016
+    - Windows Server 2012
+    - Windows Server 2003
+    - Windows XP
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/syscheck.html#windows-registry
+
+pytest_args:
+    - fim_mode:
+        realtime: Enable real-time monitoring on Linux (using the 'inotify' system calls) and Windows systems.
+        whodata: Implies real-time monitoring but adding the 'who-data' information.
+    - tier:
+        0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
+        1: Only level 1 tests are performed, they check functionalities of medium complexity.
+        2: Only level 2 tests are performed, they check advanced functionalities and are slow to perform.
+
+tags:
+    - fim_registry_basic_usage
+'''
 import os
 
 import pytest
@@ -63,9 +113,54 @@ def get_configuration(request):
 ])
 def test_registry_changes(key, subkey, arch, value_type, get_configuration, configure_environment, restart_syscheckd,
                           wait_for_fim_start):
-    """
-    Check if events appear for subkeys/values of a monitored key
-    """
+    '''
+    description: Check if the 'wazuh-syscheckd' daemon detects registry events generated from subkeys/values.
+                 For this purpose, the test will monitor a registry key and make key/value operations inside it.
+                 Finally, it will check that FIM events are generated for the modifications made on the key/values.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - key:
+            type: str
+            brief: Path of the registry root key (HKEY_* constants).
+        - subkey:
+            type: str
+            brief: Path of the key that will be created under the root key.
+        - arch:
+            type: str
+            brief: Architecture of the registry.
+        - value_type:
+            type: srt
+            brief: Type of the registry value to be created.
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - restart_syscheckd:
+            type: fixture
+            brief: Clear the 'ossec.log' file and start a new monitor.
+        - wait_for_fim_start:
+            type: fixture
+            brief: Wait for realtime start, whodata start, or end of initial FIM scan.
+
+    assertions:
+        - Verify that FIM events are generated for the changes detected on the monitored registry entries.
+
+    input_description: A test case (ossec_conf_2) is contained in an external YAML file
+                       (wazuh_conf_registry_both.yaml) which includes configuration settings for
+                       the 'wazuh-syscheckd' daemon. That is combined with the testing registry
+                       keys to be monitored defined in the module.
+
+    expected_output:
+        - r'.*Sending FIM event: (.+)$' ('added', 'modified', and 'deleted' events)
+
+    tags:
+        - scheduled
+        - time_travel
+    '''
     registry_key_cud(key, subkey, wazuh_log_monitor, arch=arch,
                      time_travel=get_configuration['metadata']['fim_mode'] == 'scheduled',
                      min_timeout=global_parameters.default_timeout,

tests/integration/test_fim/test_registry/test_registry_basic_usage/test_basic_usage_registry_new_key.py

@@ -1,7 +1,58 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
 
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: File Integrity Monitoring (FIM) system watches selected files and triggering alerts when
+       these files are modified. Specifically, these tests will check if FIM detects correctly
+       common operations ('add', 'modify', and 'delete') on monitored registry values after
+       the next scheduled scan.
+       The FIM capability is managed by the 'wazuh-syscheckd' daemon, which checks configured
+       files for changes to the checksums, permissions, and ownership.
+
+tier: 0
+
+modules:
+    - fim
+
+components:
+    - agent
+
+daemons:
+    - wazuh-syscheckd
+
+os_platform:
+    - windows
+
+os_version:
+    - Windows 10
+    - Windows 8
+    - Windows 7
+    - Windows Server 2016
+    - Windows Server 2012
+    - Windows Server 2003
+    - Windows XP
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/syscheck.html#windows-registry
+
+pytest_args:
+    - fim_mode:
+        realtime: Enable real-time monitoring on Linux (using the 'inotify' system calls) and Windows systems.
+        whodata: Implies real-time monitoring but adding the 'who-data' information.
+    - tier:
+        0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
+        1: Only level 1 tests are performed, they check functionalities of medium complexity.
+        2: Only level 2 tests are performed, they check advanced functionalities and are slow to perform.
+
+tags:
+    - fim_registry_basic_usage
+'''
 import os
 
 import pytest
@@ -46,10 +97,44 @@ def get_configuration(request):
 # tests
 
 def test_new_key(get_configuration, configure_environment, restart_syscheckd, wait_for_fim_start):
-    """
-    Check that a new monitored key generates events after the next scheduled scan.
-    """
-
+    '''
+    description: Check if the 'wazuh-syscheckd' daemon generates events from a new monitored key after
+                 the next scheduled scan. For this purpose, the test will monitor a registry key and
+                 make value operations inside it. Finally, it will check that FIM events are generated
+                 for the modifications made on the testing value.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - restart_syscheckd:
+            type: fixture
+            brief: Clear the 'ossec.log' file and start a new monitor.
+        - wait_for_fim_start:
+            type: fixture
+            brief: Wait for realtime start, whodata start, or end of initial FIM scan.
+
+    assertions:
+        - Verify that FIM events are generated for the changes detected on the monitored values
+          after the next scheduled scan.
+
+    input_description: A test case (ossec_conf_2) is contained in an external YAML file
+                       (wazuh_conf_reg_attr.yaml) which includes configuration settings for
+                       the 'wazuh-syscheckd' daemon. That is combined with the testing registry
+                       key to be monitored defined in the module.
+
+    expected_output:
+        - r'.*Sending FIM event: (.+)$' ('added', 'modified', and 'deleted' events)
+
+    tags:
+        - scheduled
+        - time_travel
+    '''
     create_registry(registry_parser[key], sub_key_1, arch)
 
     check_time_travel(True, monitor=wazuh_log_monitor)

tests/integration/test_fim/test_registry/test_registry_basic_usage/test_long_registry_path.py

@@ -1,7 +1,58 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <info@wazuh.com>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
 
+           Created by Wazuh, Inc. <info@wazuh.com>.
+
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: File Integrity Monitoring (FIM) system watches selected files and triggering alerts when
+       these files are modified. Specifically, these tests will check if FIM detects correctly
+       common operations ('add', 'modify', and 'delete') on registry values from monitored
+       registry keys that use long paths.
+       The FIM capability is managed by the 'wazuh-syscheckd' daemon, which checks configured
+       files for changes to the checksums, permissions, and ownership.
+
+tier: 0
+
+modules:
+    - fim
+
+components:
+    - agent
+
+daemons:
+    - wazuh-syscheckd
+
+os_platform:
+    - windows
+
+os_version:
+    - Windows 10
+    - Windows 8
+    - Windows 7
+    - Windows Server 2016
+    - Windows Server 2012
+    - Windows Server 2003
+    - Windows XP
+
+references:
+    - https://documentation.wazuh.com/current/user-manual/capabilities/file-integrity/index.html
+    - https://documentation.wazuh.com/current/user-manual/reference/ossec-conf/syscheck.html#windows-registry
+
+pytest_args:
+    - fim_mode:
+        realtime: Enable real-time monitoring on Linux (using the 'inotify' system calls) and Windows systems.
+        whodata: Implies real-time monitoring but adding the 'who-data' information.
+    - tier:
+        0: Only level 0 tests are performed, they check basic functionalities and are quick to perform.
+        1: Only level 1 tests are performed, they check functionalities of medium complexity.
+        2: Only level 2 tests are performed, they check advanced functionalities and are slow to perform.
+
+tags:
+    - fim_registry_basic_usage
+'''
 import os
 
 import pytest
@@ -53,10 +104,44 @@ def extra_configuration_before_yield():
 
 
 def test_long_registry_path(get_configuration, configure_environment, restart_syscheckd, wait_for_fim_start):
-    """
-    Check if long key names generates events
-    """
-
+    '''
+    description: Check if the 'wazuh-syscheckd' daemon generates events from monitored keys with long paths.
+                 For this purpose, the test will monitor a registry key with a long character length path
+                 and make value operations inside it. Finally, it will check that FIM events are generated
+                 for the modifications made on the testing value.
+
+    wazuh_min_version: 4.2.0
+
+    parameters:
+        - get_configuration:
+            type: fixture
+            brief: Get configurations from the module.
+        - configure_environment:
+            type: fixture
+            brief: Configure a custom environment for testing.
+        - restart_syscheckd:
+            type: fixture
+            brief: Clear the 'ossec.log' file and start a new monitor.
+        - wait_for_fim_start:
+            type: fixture
+            brief: Wait for realtime start, whodata start, or end of initial FIM scan.
+
+    assertions:
+        - Verify that FIM events are generated for the changes detected on the monitored values
+          in the registry key with a long path.
+
+    input_description: A test case (ossec_conf_2) is contained in an external YAML file
+                       (wazuh_conf_reg_attr.yaml) which includes configuration settings for
+                       the 'wazuh-syscheckd' daemon. That is combined with the testing registry
+                       key to be monitored defined in the module.
+
+    expected_output:
+        - r'.*Sending FIM event: (.+)$' ('added', 'modified', and 'deleted' events)
+
+    tags:
+        - scheduled
+        - time_travel
+    '''
     max_value_name = "value_test"
     for i in range(16372):
         max_value_name += "a"