Add AWSServices discard_regex integration tests

CHANGELOG.md

@@ -9,6 +9,7 @@ Release report: TBD
 
 ### Added
 
+- Add new test cases for the `discard_regex` functionality of `CloudWatchLogs` and `Inspector` services. ([#4278](https://github.com/wazuh/wazuh-qa/pull/4278)) \- (Tests)
 - Add Windows location wildcards tests ([#4263](https://github.com/wazuh/wazuh-qa/pull/4263)) \- (Tests + Framework)
 - New 'SCA' test suite and framework. ([#3566](https://github.com/wazuh/wazuh-qa/pull/3566)) \- (Framework + Tests)
 - Add integration tests for AWS module. ([#3911](https://github.com/wazuh/wazuh-qa/pull/3911)) \- (Framework + Tests + Documentation)

tests/integration/test_aws/data/configuration_template/discard_regex_test_module/configuration_cloudwatch_discard_regex_json.yaml

@@ -0,0 +1,23 @@
+- sections:
+    - section: wodle
+      attributes:
+        - name: aws-s3
+      elements:
+        - disabled:
+            value: 'no'
+        - service:
+            attributes:
+              - type: SERVICE_TYPE
+            elements:
+              - aws_profile:
+                  value: qa
+              - aws_log_groups:
+                  value: LOG_GROUP_NAME
+              - only_logs_after:
+                  value: ONLY_LOGS_AFTER
+              - regions:
+                  value: REGIONS
+              - discard_regex:
+                  attributes:
+                    - field: DISCARD_FIELD
+                  value: DISCARD_REGEX

tests/integration/test_aws/data/configuration_template/discard_regex_test_module/configuration_cloudwatch_discard_regex_simple_text.yaml

@@ -0,0 +1,21 @@
+- sections:
+    - section: wodle
+      attributes:
+        - name: aws-s3
+      elements:
+        - disabled:
+            value: 'no'
+        - service:
+            attributes:
+              - type: SERVICE_TYPE
+            elements:
+              - aws_profile:
+                  value: qa
+              - aws_log_groups:
+                  value: LOG_GROUP_NAME
+              - only_logs_after:
+                  value: ONLY_LOGS_AFTER
+              - regions:
+                  value: REGIONS
+              - discard_regex:
+                  value: DISCARD_REGEX

tests/integration/test_aws/data/configuration_template/discard_regex_test_module/configuration_inspector_discard_regex.yaml

@@ -0,0 +1,21 @@
+- sections:
+    - section: wodle
+      attributes:
+        - name: aws-s3
+      elements:
+        - disabled:
+            value: 'no'
+        - service:
+            attributes:
+              - type: SERVICE_TYPE
+            elements:
+              - aws_profile:
+                  value: qa
+              - only_logs_after:
+                  value: ONLY_LOGS_AFTER
+              - regions:
+                  value: REGIONS
+              - discard_regex:
+                  attributes:
+                    - field: DISCARD_FIELD
+                  value: DISCARD_REGEX

tests/integration/test_aws/data/test_cases/discard_regex_test_module/cases_cloudwatch_discard_regex_json.yaml

@@ -0,0 +1,19 @@
+- name: cloudwatch_discard_regex_json
+  description: >
+    CloudWatch configuration for an event being discarded when the regex matches
+    the content in the specified field inside the incoming JSON log
+  configuration_parameters:
+    SERVICE_TYPE: cloudwatchlogs
+    LOG_GROUP_NAME: wazuh-cloudwatchlogs-integration-tests
+    REGIONS: us-east-1
+    DISCARD_FIELD: networkInterfaces.networkInterfaceId
+    DISCARD_REGEX: .*eni-networkInterfaceId*
+    ONLY_LOGS_AFTER: 2023-JUL-03
+  metadata:
+    service_type: cloudwatchlogs
+    log_group_name: wazuh-cloudwatchlogs-integration-tests
+    only_logs_after: 2023-JUL-03
+    discard_field: networkInterfaces.networkInterfaceId
+    discard_regex: .*eni-networkInterfaceId.*
+    regions: us-east-1
+    found_logs: 1

tests/integration/test_aws/data/test_cases/discard_regex_test_module/cases_cloudwatch_discard_regex_simple_text.yaml

@@ -0,0 +1,17 @@
+- name: cloudwatch_discard_regex_simple_text
+  description: >
+    CloudWatch configuration for an event being discarded when the regex matches
+    the content inside the incoming simple text log
+  configuration_parameters:
+    SERVICE_TYPE: cloudwatchlogs
+    LOG_GROUP_NAME: wazuh-cloudwatchlogs-integration-tests
+    REGIONS: us-east-1
+    DISCARD_REGEX: .*Test.*
+    ONLY_LOGS_AFTER: 2023-JAN-12
+  metadata:
+    service_type: cloudwatchlogs
+    log_group_name: wazuh-cloudwatchlogs-integration-tests
+    only_logs_after: 2023-JAN-12
+    discard_regex: .*Test.*
+    regions: us-east-1
+    found_logs: 3

tests/integration/test_aws/data/test_cases/discard_regex_test_module/cases_inspector_discard_regex.yaml

@@ -0,0 +1,17 @@
+- name: inspector_discard_regex
+  description: >
+    Inspector configuration for an event being discarded when the regex matches
+    the content in the specified field inside the incoming JSON log
+  configuration_parameters:
+    SERVICE_TYPE: inspector
+    REGIONS: us-east-1
+    DISCARD_FIELD: assetAttributes.tags.value
+    DISCARD_REGEX: .*inspector-integration-test.*
+    ONLY_LOGS_AFTER: 2023-JAN-12
+  metadata:
+    service_type: inspector
+    only_logs_after: 2023-JAN-12
+    discard_field: assetAttributes.tags.value
+    discard_regex: .*inspector-integration-test.*
+    regions: us-east-1
+    found_logs: 4