From 73f7a6febe1c666a485b99b804b3fb86ec1297d1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Tue, 13 Feb 2024 18:28:08 +0000
Subject: [PATCH 1/7] fix: monitoring e2e method
---
.../wazuh_testing/end_to_end/monitoring.py | 29 +++++++++++++++----
1 file changed, 23 insertions(+), 6 deletions(-)
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index 915ac8e112..a441998cc1 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
@@ -26,7 +26,8 @@ from wazuh_testing.tools.system import HostManager -def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = False) -> Dict: +def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = False, + scan_interval: int = 5) -> Dict: """ Monitor events on multiple hosts concurrently.
@@ -61,8 +62,9 @@ def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict } } """ - def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: List[Dict], scan_interval: int = 20, - ignore_error: bool = False) -> Dict: + def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: List[Dict], + ignore_error: bool = False, + scan_interval: int = 5) -> Dict: """ Monitor the specified elements on a host.
@@ -98,7 +100,7 @@ def filter_events_by_timestamp(match_events: List) -> List: timestamp_datetime = datetime.strptime(timestamp_str, timestamp_format) greater_than_timestamp_formatted = datetime.strptime(greater_than_timestamp, timestamp_format_parameter) - if timestamp_datetime >= greater_than_timestamp_formatted: + if timestamp_datetime >= greater_than_timestamp_formatted: match_that_fit_timestamp.append(match) return match_that_fit_timestamp
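Review bot: In the second hunk the nested `monitoring_event` signature swaps the position of its two optional parameters, but they stay plain positionals of different types (`bool`, `int`), so a call that passes only one of them positionally can bind it to the wrong name without any error. Making them keyword-only, `*, ignore_error: bool = False, scan_interval: int = 5`, and passing both by name in the `executor.submit(...)` call would rule that out. The `submit` call site and the body of `monitoring_event` are outside this hunk.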
@@ -112,24 +114,39 @@ def filter_events_by_timestamp(match_events: List) -> List: element['n_iterations'], \ element.get('greater_than_timestamp', None) current_timeout = 0 - regex_match = None + regex_match = False while current_timeout < timeout: + logging.critical(f"Monitoring {regex} on {host} for {timeout} seconds") + logging.critical(f"Current timeout: {current_timeout}") + logging.critical(f"Timeout: {timeout}") + + file_content = host_manager.get_file_content(host, monitoring_file) match_regex = re.findall(regex, file_content) + + logging.critical(f"Matched events: {match_regex}") + if greater_than_timestamp: match_that_fit_timestamp = filter_events_by_timestamp(match_regex) else: match_that_fit_timestamp = list(match_regex) + logging.critical(f"Matched events that fit the timestamp: {match_that_fit_timestamp}") + if match_that_fit_timestamp and len(list(match_that_fit_timestamp)) >= n_iterations: elements_found = list(match_that_fit_timestamp) regex_match = True + logging.critical(f"Element found: {element}") break + logging.critical(f"Element not found: {element}") + + logging.critical(f"Sleeping for {scan_interval} seconds") + sleep(scan_interval) - current_timeout += scan_interval + current_timeout = current_timeout + scan_interval if not regex_match: elements_not_found.append(element)
From e53a34060bdbbe9ddabb294a91d0370f19cf0e9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Wed, 14 Feb 2024 18:34:13 +0000
Subject: [PATCH 2/7] fix: remove verbose logging messages
---
.../wazuh_testing/end_to_end/monitoring.py | 14 --------------
1 file changed, 14 deletions(-)
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index a441998cc1..a40476b280 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
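Review bot: In the `while current_timeout < timeout:` loop of the `@@ -112,24 +114,39 @@` hunk, `current_timeout` advances only by `scan_interval` per pass, so the time spent in `host_manager.get_file_content(...)` and `re.findall(...)` is never counted against `timeout`, and a `scan_interval` of 0 or less never reaches the exit condition. Now that `scan_interval` is supplied by the caller, consider rejecting non-positive values up front with `if scan_interval <= 0: raise ValueError("scan_interval must be positive")`. Measuring against a wall-clock deadline, `deadline = time.monotonic() + timeout` with `while time.monotonic() < deadline:`, would make the budget hold even when reading the remote file is slow. The loop sits inside `monitoring_event`, whose body starts before this hunk.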
@@ -117,33 +117,19 @@ def filter_events_by_timestamp(match_events: List) -> List: regex_match = False while current_timeout < timeout: - logging.critical(f"Monitoring {regex} on {host} for {timeout} seconds") - logging.critical(f"Current timeout: {current_timeout}") - logging.critical(f"Timeout: {timeout}") - - file_content = host_manager.get_file_content(host, monitoring_file) match_regex = re.findall(regex, file_content) - logging.critical(f"Matched events: {match_regex}") - if greater_than_timestamp: match_that_fit_timestamp = filter_events_by_timestamp(match_regex) else: match_that_fit_timestamp = list(match_regex) - logging.critical(f"Matched events that fit the timestamp: {match_that_fit_timestamp}") - if match_that_fit_timestamp and len(list(match_that_fit_timestamp)) >= n_iterations: elements_found = list(match_that_fit_timestamp) regex_match = True - logging.critical(f"Element found: {element}") break - logging.critical(f"Element not found: {element}") - - logging.critical(f"Sleeping for {scan_interval} seconds") - sleep(scan_interval) current_timeout = current_timeout + scan_interval
From 185565bba1fe20771c2f626d1e4e4923325f815b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Wed, 21 Feb 2024 11:17:55 +0000
Subject: [PATCH 3/7] fix: improve error handling monitoring
---
.../wazuh_testing/end_to_end/monitoring.py | 24 ++++++++++---------
1 file changed, 13 insertions(+), 11 deletions(-)
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index a40476b280..36749bef65 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
@@ -26,7 +26,7 @@ from wazuh_testing.tools.system import HostManager -def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = False, +def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = True, scan_interval: int = 5) -> Dict: """ Monitor events on multiple hosts concurrently.
@@ -63,7 +63,7 @@ def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict } """ def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: List[Dict], - ignore_error: bool = False, + ignore_error: bool = True, scan_interval: int = 5) -> Dict: """ Monitor the specified elements on a host.
@@ -72,7 +72,7 @@ def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: host_manager (HostManager): Host Manager to handle the environment host (str): The target host. monitoring_elements(List): A list of dictionaries containing regex, timeout, and file. - ignore_error: If True, ignore errors and continue monitoring. + ignore_error: If True, ignore TimeoutError and return the result. Raises: TimeoutError: If no match is found within the specified timeout.
@@ -97,8 +97,13 @@ def filter_events_by_timestamp(match_events: List) -> List: timestamp_format = "%Y/%m/%d %H:%M:%S" timestamp_format_parameter = "%Y-%m-%dT%H:%M:%S.%f" - timestamp_datetime = datetime.strptime(timestamp_str, timestamp_format) - greater_than_timestamp_formatted = datetime.strptime(greater_than_timestamp, timestamp_format_parameter) + try: + timestamp_datetime = datetime.strptime(timestamp_str, timestamp_format) + greater_than_timestamp_formatted = datetime.strptime(greater_than_timestamp, + timestamp_format_parameter) + except ValueError: + raise ValueError(f"Timestamp format not supported: {timestamp_str}." + 'Do the regex includes the timestamp?') if timestamp_datetime >= greater_than_timestamp_formatted: match_that_fit_timestamp.append(match)
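Review bot: Changing the default of `ignore_error` to `True` in `monitoring_events_multihost` (and in the nested `monitoring_event` in the next hunk) turns a timed-out monitor into a silent outcome for every caller that relied on the old default. An expected event that never appears is then only recorded through `elements_not_found` instead of raising `TimeoutError`, so an end-to-end detection test can pass unless it inspects that part of the result. The callers are not visible in this patch, so this needs checking against them. If failing loudly should stay the default, keep `ignore_error: bool = False` and pass `True` only where the test asserts on the returned data.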
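Review bot: The new `try` in `filter_events_by_timestamp` wraps both `strptime` calls, so a malformed `greater_than_timestamp` argument is reported as an unsupported `timestamp_str` and the hint about the regex points at the wrong input. The two message literals are also joined without a space, which yields `...{timestamp_str}.Do the regex...`. Suggest parsing `greater_than_timestamp` outside the `try` (it does not depend on the match being checked) and chaining the error explicitly: `except ValueError as err:` followed by `raise ValueError(f"Timestamp format not supported: {timestamp_str}. Does the regex include the timestamp?") from err`. The loop that encloses these lines starts outside the hunk.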
@@ -153,15 +158,12 @@ def filter_events_by_timestamp(match_events: List) -> List: with ThreadPoolExecutor() as executor: futures = [] for host, data in monitoring_data.items(): - futures.append(executor.submit(monitoring_event, host_manager, host, data, ignore_error)) + futures.append(executor.submit(monitoring_event, host_manager, host, data, ignore_error, scan_interval)) results = {} for future in as_completed(futures): - try: - result = future.result() - results.update(result) - except Exception as e: - logging.error(f"An error occurred: {e}") + result = future.result() + results.update(result) logging.info(f"Monitoring results: {results}")
From e5f982f6f88ef1bec7a5da26bb3e2c00998a5dc6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Wed, 21 Feb 2024 17:50:08 +0000
Subject: [PATCH 4/7] fix: refactor monitoring
---
deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index 36749bef65..fdfa570a23 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
@@ -137,7 +137,7 @@ def filter_events_by_timestamp(match_events: List) -> List: sleep(scan_interval) - current_timeout = current_timeout + scan_interval + current_timeout += scan_interval if not regex_match: elements_not_found.append(element)
From d0068357a52f1d59580f3777ab4e35db30321570 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Thu, 22 Feb 2024 17:06:27 +0000
Subject: [PATCH 5/7] style: create default scan interval variable
Co-authored-by: Julia Magan
---
deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
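Review bot: With the `try/except` removed from the `as_completed` loop in the `@@ -153,15 +158,12 @@` hunk, an exception raised by one host's `monitoring_event` now propagates without any indication of which host it came from. The futures are kept in a plain list, and the `TimeoutError` message visible elsewhere in this series names only the element. Keying the futures by host and logging the host before re-raising keeps the new fail-fast behaviour while making the failure attributable. The nesting of the result loop under the `with` block is assumed here, since indentation is not recoverable from this page.

```python
with ThreadPoolExecutor() as executor:
    # Key each future by its host so a failure can be attributed.
    futures = {
        executor.submit(monitoring_event, host_manager, host, data, ignore_error, scan_interval): host
        for host, data in monitoring_data.items()
    }

    results = {}
    for future in as_completed(futures):
        try:
            results.update(future.result())
        except Exception:
            logging.error(f"Monitoring failed on host {futures[future]}")
            raise
    # … unchanged: logging.info of the collected results …
```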
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index fdfa570a23..2347735832 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
@@ -26,8 +26,10 @@ from wazuh_testing.tools.system import HostManager +DEFAULT_SCAN_INTERVAL = 5 + def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = True, - scan_interval: int = 5) -> Dict: + scan_interval: int = DEFAULT_SCAN_INTERVAL) -> Dict: """ Monitor events on multiple hosts concurrently.
@@ -64,7 +66,7 @@ def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict """ def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: List[Dict], ignore_error: bool = True, - scan_interval: int = 5) -> Dict: + scan_interval: int = DEFAULT_SCAN_INTERVAL) -> Dict: """ Monitor the specified elements on a host.
From b0949d3b41a25449044692ebbea44ad9086275a7 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Thu, 22 Feb 2024 17:10:55 +0000
Subject: [PATCH 6/7] style: rename ignore_error parameter
Co-authored-by: Julia Magan
---
.../wazuh_testing/end_to_end/monitoring.py | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
index 2347735832..72ebb895ce 100644
--- a/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
+++ b/deps/wazuh_testing/wazuh_testing/end_to_end/monitoring.py
@@ -28,7 +28,8 @@ DEFAULT_SCAN_INTERVAL = 5 -def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_error: bool = True, + +def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict, ignore_timeout_error: bool = True, scan_interval: int = DEFAULT_SCAN_INTERVAL) -> Dict: """ Monitor events on multiple hosts concurrently.
@@ -36,7 +37,7 @@ def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict Args: host_manager: An instance of the HostManager class containing information about hosts. monitoring_data: A dictionary containing monitoring data for each host. - ignore_error: If True, ignore errors and continue monitoring. + ignore_timeout_error: If True, ignore TimeoutError and return the result. Returns: dict: A dictionary containing the monitoring results.
@@ -65,7 +66,7 @@ def monitoring_events_multihost(host_manager: HostManager, monitoring_data: Dict } """ def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: List[Dict], - ignore_error: bool = True, + ignore_timeout_error: bool = True, scan_interval: int = DEFAULT_SCAN_INTERVAL) -> Dict: """ Monitor the specified elements on a host.
@@ -74,7 +75,7 @@ def monitoring_event(host_manager: HostManager, host: str, monitoring_elements: host_manager (HostManager): Host Manager to handle the environment host (str): The target host. monitoring_elements(List): A list of dictionaries containing regex, timeout, and file. - ignore_error: If True, ignore TimeoutError and return the result. + ignore_timeout_error: If True, ignore TimeoutError and return the result. Raises: TimeoutError: If no match is found within the specified timeout.
@@ -143,7 +144,7 @@ def filter_events_by_timestamp(match_events: List) -> List: if not regex_match: elements_not_found.append(element) - if not ignore_error: + if not ignore_timeout_error: raise TimeoutError(f"Element not found: {element}") monitoring_result = {}
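Review bot: The `Args` section of `monitoring_events_multihost` in the `@@ -36,7 +37,7 @@` hunk is updated for `ignore_timeout_error` but still has no entry for `scan_interval`, which this series added to the signature. The nested `monitoring_event` docstring in the `@@ -74,7 +75,7 @@` hunk has the same gap, as far as the visible `Args` lines show. Suggest adding `scan_interval: Seconds to sleep between reads of the monitored file. Defaults to DEFAULT_SCAN_INTERVAL.` to both. Both docstrings continue outside these hunks.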
@@ -160,7 +161,8 @@ def filter_events_by_timestamp(match_events: List) -> List: with ThreadPoolExecutor() as executor: futures = [] for host, data in monitoring_data.items(): - futures.append(executor.submit(monitoring_event, host_manager, host, data, ignore_error, scan_interval)) + futures.append(executor.submit(monitoring_event, host_manager, host, data, ignore_timeout_error, + scan_interval)) results = {} for future in as_completed(futures):
From 8dde65f39f9b4b336fd6556ee11d4f969c7ac664 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?V=C3=ADctor=20Rebollo=20P=C3=A9rez?=
Date: Thu, 22 Feb 2024 17:24:00 +0000
Subject: [PATCH 7/7] docs: include 4959 changelog
---
CHANGELOG.md | 1 +
1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 3b9052b837..b07feb796c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -37,6 +37,7 @@ All notable changes to this project will be documented in this file. ### Fixed +- Fix E2E Vulnerability Detection monitoring function ([#4959](https://github.com/wazuh/wazuh-qa/pull/4959)) \- (Framework) - Fix macOS Vulnerability Detection handler provision in E2E tests ([#4948](https://github.com/wazuh/wazuh-qa/pull/4948)) \- (Framework) - Migrate Vulnerability Detection timeouts variables to the waiters module ([#4949](https://github.com/wazuh/wazuh-qa/pull/4949)) \- (Framework) - Migrate HostMonitor to system_monitoring to avoid Windows import of ansible module ([#4917](https://github.com/wazuh/wazuh-qa/pull/4917/)) \- (Framework)