report.html

configuration = {'metadata': {'description': 'Red Hat Enterprise Linux provider', 'download_timeout': 150, 'name': 'RHEL5', 'provider_...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'Red Hat Enterprise Linux provider', 'download_timeout': 150, 'name': 'RHEL5', 'provider_json_name': 'JSON Red Hat Enterprise Linux', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None

@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.

test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.

wazuh_min_version: 4.4.0

tier: 2

parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.

assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.

input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.

expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')

# Check that the feed update has started
evm.check_provider_database_update_start_log(metadata['provider_name'])
# Check that the feed has been updated successfully
evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'],
timeout=metadata['download_timeout'])

if 'provider_json_name' in metadata:
evm.check_provider_database_update_start_log(metadata['provider_json_name'])
evm.check_provider_database_update_finish_log(provider_name=metadata['provider_json_name'],
timeout=metadata['download_timeout'])

# Check that the timestamp of the feed metadata does not exceed the established threshold limit.
if metadata['update_treshold_weeks'] != 'None':
try:
> assert vd.feed_is_recently_updated(provider_name=metadata['provider_name'],
provider_os=metadata['provider_os'],
threshold_weeks=metadata['update_treshold_weeks']), '' \
f"The {metadata['provider_os']} feed has not been recently updated"
E AssertionError: The RHEL5 feed has not been recently updated
E assert False
E + where False = <function feed_is_recently_updated at 0x7f63d1db3400>(provider_name='Red Hat Enterprise Linux 5', provider_os='RHEL5', threshold_weeks=2)
E + where <function feed_is_recently_updated at 0x7f63d1db3400> = vd.feed_is_recently_updated

test_vulnerability_detector/test_feeds/test_download_feeds.py:150: AssertionError

During handling of the above exception, another exception occurred:

configuration = {'metadata': {'description': 'Red Hat Enterprise Linux provider', 'download_timeout': 150, 'name': 'RHEL5', 'provider_...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'Red Hat Enterprise Linux provider', 'download_timeout': 150, 'name': 'RHEL5', 'provider_json_name': 'JSON Red Hat Enterprise Linux', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None

@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.

test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.

wazuh_min_version: 4.4.0

tier: 2

parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.

assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.

input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.

expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')

# Check that the feed update has started
evm.check_provider_database_update_start_log(metadata['provider_name'])
# Check that the feed has been updated successfully
evm.check_provider_database_update_finish_log(provider_name=metadata['provider_name'],
timeout=metadata['download_timeout'])

if 'provider_json_name' in metadata:
evm.check_provider_database_update_start_log(metadata['provider_json_name'])
evm.check_provider_database_update_finish_log(provider_name=metadata['provider_json_name'],
timeout=metadata['download_timeout'])

# Check that the timestamp of the feed metadata does not exceed the established threshold limit.
if metadata['update_treshold_weeks'] != 'None':
try:
assert vd.feed_is_recently_updated(provider_name=metadata['provider_name'],
provider_os=metadata['provider_os'],
threshold_weeks=metadata['update_treshold_weeks']), '' \
f"The {metadata['provider_os']} feed has not been recently updated"
except AssertionError:
> pytest.xfail(reason="The vendor didn't update its feed, so the test fails. But this is not a Wazuh defect.")
E _pytest.outcomes.XFailed: The vendor didn't update its feed, so the test fails. But this is not a Wazuh defect.

test_vulnerability_detector/test_feeds/test_download_feeds.py:155: XFailed
-----------------------------Captured stderr setup------------------------------
2023/07/28 12:14:18 wazuh-modulesd[27009] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized 2023/07/28 12:14:18 wazuh-modulesd[27009] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/07/28 12:14:18 wazuh-modulesd[27009] wmodules-vuln-detector.c:655 at wm_vuldet_read_provider(): DEBUG: Added redhat (5) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s

configuration = {'metadata': {'description': 'Canonical provider', 'download_timeout': 120, 'name': 'BIONIC', 'provider_name': 'Ubuntu...led': {'value': 'yes'}}], 'section': 'wodle'}, {'elements': [{'disabled': {'value': 'yes'}}], 'section': 'auth'}, ...]}
metadata = {'description': 'Canonical provider', 'download_timeout': 120, 'name': 'BIONIC', 'provider_name': 'Ubuntu Bionic', ...}
set_wazuh_configuration_vdt = None, truncate_monitored_files = None
clean_cve_tables_func = None, restart_modulesd_function = None

@pytest.mark.tier(level=2)
@pytest.mark.parametrize('configuration, metadata', zip(configurations, configuration_metadata), ids=case_ids)
def test_download_feeds(configuration, metadata, set_wazuh_configuration_vdt, truncate_monitored_files,
clean_cve_tables_func, restart_modulesd_function):
'''
description: Check if modulesd downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.

test_phases:
- Set a custom Wazuh configuration.
- Restart wazuh-modulesd.
- Check in log that the database provider has been updated successfully.
- Check that the timestamp of the feed metadata does not exceed the established threshold limit.

wazuh_min_version: 4.4.0

tier: 2

parameters:
- configuration:
type: dict
brief: Wazuh configuration data. Needed for set_wazuh_configuration fixture.
- metadata:
type: dict
brief: Wazuh configuration metadata
- set_wazuh_configuration_vdt:
type: fixture
brief: Set the wazuh configuration according to the configuration data.
- truncate_monitored_files:
type: fixture
brief: Truncate all the log files and json alerts files before and after the test execution.
- clean_cve_tables_func:
type: fixture
brief: Clean all the CVE tables before and after running the test.
- restart_modulesd_function:
type: fixture
brief: Restart the wazuh-modulesd daemon.

assertions:
- Check that it starts the feed download.
- Check that the feed is downloaded successfully.
- Check that the feed update date does not exceed a set limit.

input_description:
- The `configuration_download_feeds.yaml` file provides the module configuration for this test.
- The `cases_download_feeds` file provides the test cases.

expected_output:
- r'Starting .* database update'
- r'The update of the .* feed finished successfully'
'''
if metadata['provider_os'] == 'BIONIC':
> pytest.xfail(reason='Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556')
E _pytest.outcomes.XFailed: Ubuntu Bionic feed parsing error - Wazuh/Wazuh Issue #13556

test_vulnerability_detector/test_feeds/test_download_feeds.py:134: XFailed
-----------------------------Captured stderr setup------------------------------
2023/07/28 12:16:50 wazuh-modulesd[27745] debug_op.c:70 at _log(): DEBUG: Logging module auto-initialized 2023/07/28 12:16:50 wazuh-modulesd[27745] main.c:77 at main(): DEBUG: Wazuh home directory: /var/ossec 2023/07/28 12:16:50 wazuh-modulesd[27745] wmodules-vuln-detector.c:655 at wm_vuldet_read_provider(): DEBUG: Added canonical (bionic) feed. Interval: 3600s | Path: 'none' | Url: 'none' | Timeout: 300s