youtubebeat/vendor/github.com/elastic/beats/packetbeat/publish/publish_test.go

// Licensed to Elasticsearch B.V. under one or more contributor
// license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright
// ownership. Elasticsearch B.V. licenses this file to you under
// the Apache License, Version 2.0 (the "License"); you may
// not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing,
// software distributed under the License is distributed on an
// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
// KIND, either express or implied.  See the License for the
// specific language governing permissions and limitations
// under the License.

// +build !integration

package publish

import (
	"testing"
	"time"

	"github.com/stretchr/testify/assert"

	"github.com/elastic/beats/libbeat/beat"
	"github.com/elastic/beats/libbeat/common"
)

func testEvent() beat.Event {
	return beat.Event{
		Timestamp: time.Now(),
		Fields: common.MapStr{
			"type": "test",
			"src":  &common.Endpoint{},
			"dst":  &common.Endpoint{},
		},
	}
}

// Test that FilterEvent detects events that do not contain the required fields
// and returns error.
func TestFilterEvent(t *testing.T) {
	var testCases = []struct {
		f   func() beat.Event
		err string
	}{
		{testEvent, ""},
		{
			func() beat.Event {
				e := testEvent()
				e.Fields["@timestamp"] = time.Now()
				return e
			},
			"duplicate '@timestamp'",
		},
		{
			func() beat.Event {
				e := testEvent()
				e.Timestamp = time.Time{}
				return e
			},
			"missing '@timestamp'",
		},
		{
			func() beat.Event {
				e := testEvent()
				delete(e.Fields, "type")
				return e
			},
			"missing 'type'",
		},
		{
			func() beat.Event {
				e := testEvent()
				e.Fields["type"] = 123
				return e
			},
			"invalid 'type'",
		},
	}

	for _, test := range testCases {
		event := test.f()
		assert.Regexp(t, test.err, validateEvent(&event))
	}
}

func TestDirectionOut(t *testing.T) {
	processor := transProcessor{
		localIPs:       []string{"192.145.2.4"},
		ignoreOutgoing: false,
		name:           "test",
	}

	event := beat.Event{
		Timestamp: time.Now(),
		Fields: common.MapStr{
			"type": "test",
			"src": &common.Endpoint{
				IP:      "192.145.2.4",
				Port:    3267,
				Name:    "server1",
				Cmdline: "proc1 start",
				Proc:    "proc1",
			},
			"dst": &common.Endpoint{
				IP:      "192.145.2.5",
				Port:    32232,
				Name:    "server2",
				Cmdline: "proc2 start",
				Proc:    "proc2",
			},
		},
	}

	if res, _ := processor.Run(&event); res == nil {
		t.Fatalf("event has been filtered out")
	}
	assert.True(t, event.Fields["client_ip"] == "192.145.2.4")
	assert.True(t, event.Fields["direction"] == "out")
}

func TestDirectionIn(t *testing.T) {
	processor := transProcessor{
		localIPs:       []string{"192.145.2.5"},
		ignoreOutgoing: false,
		name:           "test",
	}

	event := beat.Event{
		Timestamp: time.Now(),
		Fields: common.MapStr{
			"type": "test",
			"src": &common.Endpoint{
				IP:      "192.145.2.4",
				Port:    3267,
				Name:    "server1",
				Cmdline: "proc1 start",
				Proc:    "proc1",
			},
			"dst": &common.Endpoint{
				IP:      "192.145.2.5",
				Port:    32232,
				Name:    "server2",
				Cmdline: "proc2 start",
				Proc:    "proc2",
			},
		},
	}

	if res, _ := processor.Run(&event); res == nil {
		t.Fatalf("event has been filtered out")
	}
	assert.True(t, event.Fields["client_ip"] == "192.145.2.4")
	assert.True(t, event.Fields["direction"] == "in")
}

func TestNoDirection(t *testing.T) {
	processor := transProcessor{
		localIPs:       []string{"192.145.2.6"},
		ignoreOutgoing: false,
		name:           "test",
	}

	event := beat.Event{
		Timestamp: time.Now(),
		Fields: common.MapStr{
			"type": "test",
			"src": &common.Endpoint{
				IP:      "192.145.2.4",
				Port:    3267,
				Name:    "server1",
				Cmdline: "proc1 start",
				Proc:    "proc1",
			},
			"dst": &common.Endpoint{
				IP:      "192.145.2.5",
				Port:    32232,
				Name:    "server2",
				Cmdline: "proc2 start",
				Proc:    "proc2",
			},
		},
	}

	if res, _ := processor.Run(&event); res == nil {
		t.Fatalf("event has been filtered out")
	}
	assert.True(t, event.Fields["client_ip"] == "192.145.2.4")
	_, ok := event.Fields["direction"]
	assert.False(t, ok)
}
Add generated youtubebeat files 2018-11-18 11:08:38 +01:00			`// Licensed to Elasticsearch B.V. under one or more contributor`
			`// license agreements. See the NOTICE file distributed with`
			`// this work for additional information regarding copyright`
			`// ownership. Elasticsearch B.V. licenses this file to you under`
			`// the Apache License, Version 2.0 (the "License"); you may`
			`// not use this file except in compliance with the License.`
			`// You may obtain a copy of the License at`
			`//`
			`// http://www.apache.org/licenses/LICENSE-2.0`
			`//`
			`// Unless required by applicable law or agreed to in writing,`
			`// software distributed under the License is distributed on an`
			`// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY`
			`// KIND, either express or implied. See the License for the`
			`// specific language governing permissions and limitations`
			`// under the License.`

			`// +build !integration`

			`package publish`

			`import (`
			`"testing"`
			`"time"`

			`"github.com/stretchr/testify/assert"`

			`"github.com/elastic/beats/libbeat/beat"`
			`"github.com/elastic/beats/libbeat/common"`
			`)`

			`func testEvent() beat.Event {`
			`return beat.Event{`
			`Timestamp: time.Now(),`
			`Fields: common.MapStr{`
			`"type": "test",`
			`"src": &common.Endpoint{},`
			`"dst": &common.Endpoint{},`
			`},`
			`}`
			`}`

			`// Test that FilterEvent detects events that do not contain the required fields`
			`// and returns error.`
			`func TestFilterEvent(t *testing.T) {`
			`var testCases = []struct {`
			`f func() beat.Event`
			`err string`
			`}{`
			`{testEvent, ""},`
			`{`
			`func() beat.Event {`
			`e := testEvent()`
			`e.Fields["@timestamp"] = time.Now()`
			`return e`
			`},`
			`"duplicate '@timestamp'",`
			`},`
			`{`
			`func() beat.Event {`
			`e := testEvent()`
			`e.Timestamp = time.Time{}`
			`return e`
			`},`
			`"missing '@timestamp'",`
			`},`
			`{`
			`func() beat.Event {`
			`e := testEvent()`
			`delete(e.Fields, "type")`
			`return e`
			`},`
			`"missing 'type'",`
			`},`
			`{`
			`func() beat.Event {`
			`e := testEvent()`
			`e.Fields["type"] = 123`
			`return e`
			`},`
			`"invalid 'type'",`
			`},`
			`}`

			`for _, test := range testCases {`
			`event := test.f()`
			`assert.Regexp(t, test.err, validateEvent(&event))`
			`}`
			`}`

			`func TestDirectionOut(t *testing.T) {`
			`processor := transProcessor{`
			`localIPs: []string{"192.145.2.4"},`
			`ignoreOutgoing: false,`
			`name: "test",`
			`}`

			`event := beat.Event{`
			`Timestamp: time.Now(),`
			`Fields: common.MapStr{`
			`"type": "test",`
			`"src": &common.Endpoint{`
			`IP: "192.145.2.4",`
			`Port: 3267,`
			`Name: "server1",`
			`Cmdline: "proc1 start",`
			`Proc: "proc1",`
			`},`
			`"dst": &common.Endpoint{`
			`IP: "192.145.2.5",`
			`Port: 32232,`
			`Name: "server2",`
			`Cmdline: "proc2 start",`
			`Proc: "proc2",`
			`},`
			`},`
			`}`

			`if res, _ := processor.Run(&event); res == nil {`
			`t.Fatalf("event has been filtered out")`
			`}`
			`assert.True(t, event.Fields["client_ip"] == "192.145.2.4")`
			`assert.True(t, event.Fields["direction"] == "out")`
			`}`

			`func TestDirectionIn(t *testing.T) {`
			`processor := transProcessor{`
			`localIPs: []string{"192.145.2.5"},`
			`ignoreOutgoing: false,`
			`name: "test",`
			`}`

			`event := beat.Event{`
			`Timestamp: time.Now(),`
			`Fields: common.MapStr{`
			`"type": "test",`
			`"src": &common.Endpoint{`
			`IP: "192.145.2.4",`
			`Port: 3267,`
			`Name: "server1",`
			`Cmdline: "proc1 start",`
			`Proc: "proc1",`
			`},`
			`"dst": &common.Endpoint{`
			`IP: "192.145.2.5",`
			`Port: 32232,`
			`Name: "server2",`
			`Cmdline: "proc2 start",`
			`Proc: "proc2",`
			`},`
			`},`
			`}`

			`if res, _ := processor.Run(&event); res == nil {`
			`t.Fatalf("event has been filtered out")`
			`}`
			`assert.True(t, event.Fields["client_ip"] == "192.145.2.4")`
			`assert.True(t, event.Fields["direction"] == "in")`
			`}`

			`func TestNoDirection(t *testing.T) {`
			`processor := transProcessor{`
			`localIPs: []string{"192.145.2.6"},`
			`ignoreOutgoing: false,`
			`name: "test",`
			`}`

			`event := beat.Event{`
			`Timestamp: time.Now(),`
			`Fields: common.MapStr{`
			`"type": "test",`
			`"src": &common.Endpoint{`
			`IP: "192.145.2.4",`
			`Port: 3267,`
			`Name: "server1",`
			`Cmdline: "proc1 start",`
			`Proc: "proc1",`
			`},`
			`"dst": &common.Endpoint{`
			`IP: "192.145.2.5",`
			`Port: 32232,`
			`Name: "server2",`
			`Cmdline: "proc2 start",`
			`Proc: "proc2",`
			`},`
			`},`
			`}`

			`if res, _ := processor.Run(&event); res == nil {`
			`t.Fatalf("event has been filtered out")`
			`}`
			`assert.True(t, event.Fields["client_ip"] == "192.145.2.4")`
			`_, ok := event.Fields["direction"]`
			`assert.False(t, ok)`
			`}`