From b851bb9abfc24eb2565d7f3142ff821dd49c01df Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Thu, 16 May 2024 15:06:40 +0530 Subject: [PATCH 01/29] feat: updating network resolution data model (#840) Added all the values for record_type field as per [IANA website](https://www.iana.org/assignments/dns-parameters/dns-parameters.xhtml) for network resolution data model. --- .../data_models/Network_Resolution.json | 96 ++++++++++++++++++- 1 file changed, 92 insertions(+), 4 deletions(-) diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json index 02107994..bd476e74 100644 --- a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json +++ b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json @@ -83,12 +83,100 @@ "type": "required", "expected_values": [ "A", - "DNAME", - "MX", "NS", - "PTR" + "MD", + "MF", + "CNAME", + "SOA", + "MB", + "MG", + "MR", + "NULL", + "WKS", + "PTR", + "HINFO", + "MINFO", + "MX", + "TXT", + "RP", + "AFSDB", + "X25", + "ISDN", + "RT", + "NSAP", + "NSAP-PTR", + "SIG", + "KEY", + "PX", + "GPOS", + "AAAA", + "LOC", + "NXT", + "EID", + "NIMLOC", + "SRV", + "ATMA", + "NAPTR", + "KX", + "CERT", + "A6", + "DNAME", + "SINK", + "OPT", + "APL", + "DS", + "SSHFP", + "IPSECKEY", + "RRSIG", + "NSEC", + "DNSKEY", + "DHCID", + "NSEC3", + "NSEC3PARAM", + "TLSA", + "SMIMEA", + "Unassigned", + "HIP", + "NINFO", + "RKEY", + "TALINK", + "CDS", + "CDNSKEY", + "OPENPGPKEY", + "CSYNC", + "ZONEMD", + "SVCB", + "HTTPS", + "SPF", + "UINFO", + "UID", + "GID", + "UNSPEC", + "NID", + "L32", + "L64", + "LP", + "EUI48", + "EUI64", + "TKEY", + "TSIG", + "IXFR", + "AXFR", + "MAILB", + "MAILA", + "*", + "URI", + "CAA", + "AVC", + "DOA", + "AMTRELAY", + "RESINFO", + "TA", + "DLV", + "Private use", + "Reserved" ], - "comment": "The DNS resource record type. For details, see the List of DNS record types on Wikipedia." + "comment": "The DNS resource record type. For details, see the List of DNS record types on Internet Assigned Numbers Authority (IANA) web site." }, { "name": "reply_code", From 74f7de5f0511dd221a7b5d0b0e4e20513175e562 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Thu, 16 May 2024 10:02:56 +0000 Subject: [PATCH 02/29] chore(release): 5.3.0-beta.1 # [5.3.0-beta.1](https://github.com/splunk/pytest-splunk-addon/compare/v5.2.6...v5.3.0-beta.1) (2024-05-16) ### Features * updating network resolution data model ([#840](https://github.com/splunk/pytest-splunk-addon/issues/840)) ([b851bb9](https://github.com/splunk/pytest-splunk-addon/commit/b851bb9abfc24eb2565d7f3142ff821dd49c01df)) --- NOTICE | 6 +++--- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index e8d5732b..4b57c8dd 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-5-15 +Date generated: 2024-5-16 -Revision ID: 4fdc90dbc9bc917bc71a4a466681b24c31cd7de1 +Revision ID: b851bb9abfc24eb2565d7f3142ff821dd49c01df ================================================================================ ================================================================================ @@ -5661,4 +5661,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-5-15 +Report Generated by FOSSA on 2024-5-16 diff --git a/pyproject.toml b/pyproject.toml index b13ac570..162bbef9 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.2.6" +version = "5.3.0-beta.1" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 48d5b861..5be4c553 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.2.6" +__version__ = "5.3.0-beta.1" From 38597255fc669a35e79265e4f6dc6bc738199844 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Mon, 27 May 2024 13:15:16 +0530 Subject: [PATCH 03/29] feat: updating network resolution model (#844) Updated 2 fields in Network Resolution model. - Added expected values for reply_code_id which has corresponding reply_code. - Added expected values for reply_code. --- .../data_models/Network_Resolution.json | 44 ++++++++++--------- 1 file changed, 23 insertions(+), 21 deletions(-) diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json index bd476e74..bc3d3419 100644 --- a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json +++ b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json @@ -190,15 +190,19 @@ "Refused", "YXDomain", "YXRRSet", + "NXRRSet", "NotAuth", "NotZone", + "DSOTYPENI", "BADVERS", "BADSIG", "BADKEY", "BADTIME", "BADMODE", "BADNAME", - "BADALG" + "BADALG", + "BADTRUNC", + "BADCOOKIE" ], "comment": "The return code for the response. For details, see the Domain Name System Parameters on the Internet Assigned Numbers Authority (IANA) web site." }, @@ -206,29 +210,27 @@ "name": "reply_code_id", "type": "required", "expected_values": [ - "No Error", - "Format Error", - "Server Failure", - "Non-Existent Domain", - "NotImp", - "Refused", - "YXDomain", - "YXRRSet", - "NotAuth", - "NotZone", - "BADVERS", - "BADSIG", - "BADKEY", - "BADTIME", - "BADMODE", - "BADNAME", - "BADALG", - "0", "1", "2", - "3" + "3", + "4", + "5", + "6", + "7", + "8", + "9", + "10", + "11", + "16", + "17", + "18", + "19", + "20", + "21", + "22", + "23" ], - "comment": "The numerical id or name of a return code. For details, see the Domain Name System Parameters on the Internet Assigned Numbers Authority (IANA) web site." + "comment": "The numerical id of a return code. For details, see the Domain Name System Parameters on the Internet Assigned Numbers Authority (IANA) web site." }, { "name": "response_time", From dd9c6b841ca72a014e963cc1377fae886cfa1743 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Mon, 27 May 2024 08:11:05 +0000 Subject: [PATCH 04/29] chore(release): 5.3.0-beta.2 # [5.3.0-beta.2](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.1...v5.3.0-beta.2) (2024-05-27) ### Features * updating network resolution model ([#844](https://github.com/splunk/pytest-splunk-addon/issues/844)) ([3859725](https://github.com/splunk/pytest-splunk-addon/commit/38597255fc669a35e79265e4f6dc6bc738199844)) --- NOTICE | 6 +++--- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index 4b57c8dd..519f3e04 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-5-16 +Date generated: 2024-5-27 -Revision ID: b851bb9abfc24eb2565d7f3142ff821dd49c01df +Revision ID: 38597255fc669a35e79265e4f6dc6bc738199844 ================================================================================ ================================================================================ @@ -5661,4 +5661,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-5-16 +Report Generated by FOSSA on 2024-5-27 diff --git a/pyproject.toml b/pyproject.toml index 162bbef9..c78c42db 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.1" +version = "5.3.0-beta.2" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 5be4c553..ede67f73 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.1" +__version__ = "5.3.0-beta.2" From a143c4935d41521bc4016c90310620777f3b5f09 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Wed, 29 May 2024 14:05:58 +0530 Subject: [PATCH 05/29] fix: updating src and dest fields (#846) --- .../standard_lib/data_models/Intrusion_Detection.json | 2 -- .../standard_lib/data_models/Network_Resolution.json | 2 -- .../standard_lib/data_models/Network_Traffic.json | 2 -- 3 files changed, 6 deletions(-) diff --git a/pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json b/pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json index a0d12101..9bf6d339 100644 --- a/pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json +++ b/pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json @@ -23,7 +23,6 @@ "name": "dest", "type": "conditional", "condition": "ids_type=\"network\"", - "validity": "case(in(upper(transport), \"HOPOPT\", \"ICMP\", \"IGMP\", \"GGP\", \"IP-IN-IP\", \"ST\", \"TCP\", \"CBT\", \"EGP\", \"IGP\", \"BBN-RCC-MON\", \"NVP-II\", \"PUP\", \"ARGUS\", \"EMCON\", \"XNET\", \"CHAOS\", \"UDP\", \"MUX\", \"DCN-MEAS\", \"HMP\", \"PRM\", \"XNS-ID\", \"TRUNK-1\", \"TRUNK-2\", \"LEAF-1\", \"LEAF-2\", \"RDP\", \"IRTP\", \"ISO-TP4\", \"NETBLT\", \"MFE-NSP\", \"MERIT-INP\", \"DCCP\", \"3CP\", \"IDPR\", \"XTP\", \"DDP\", \"IDPR-CMTP\", \"TP++\", \"IL\", \"IPV6\", \"SDRP\", \"IPV6-ROUTE\", \"IPV6-FRAG\", \"IDRP\", \"RSVP\", \"GRES\", \"DSR\", \"BNA\", \"ESP\", \"AH\", \"I-NLSP\", \"SWIPE\", \"NARP\", \"MOBILE\", \"TLSP\", \"SKIP\", \"IPV6-ICMP\", \"IPC6-NONXT\", \"IPV6-OPTS\", \"CFTP\", \"SAT-EXPAK\", \"KRYPTOLAN\", \"RVD\", \"IPPC\", \"SAT-MON\", \"VISA\", \"IPCU\", \"CPNX\", \"CPHB\", \"WSN\", \"PVP\", \"BR-SAT-MON\", \"SUN-ND\", \"WB-MON\", \"WB-EXPAK\", \"ISO-IP\", \"VMTP\", \"SECURE-VMTP\", \"VINES\", \"TTP\", \"IPTM\", \"NSFNET-IGP\", \"DGP\", \"TCF\", \"EIGRP\", \"OSPF\", \"SPRITE-RPC\", \"LARP\", \"MTP\", \"AX.25\", \"OS\", \"MICP\", \"SCC-SP\", \"ETHERIP\", \"ENCAP\", \"GMTP\", \"IFMP\", \"PNNI\", \"PIM\", \"ARIS\", \"SCPS\", \"QNX\", \"A/N\", \"IPCOMP\", \"SNP\", \"COMPAQ-PEER\", \"IPX-IN-IP\", \"VRRP\", \"PGM\", \"L2TP\", \"DDX\", \"IATP\", \"STP\", \"SRP\", \"UTI\", \"SMP\", \"SM\", \"PTP\", \"IS-IS OVER IPV4\", \"FIRE\", \"CRTP\", \"CRUDP\", \"SSCOPMCE\", \"IPLT\", \"SPS\", \"PIPE\", \"SCTP\", \"FC\", \"RSVP-E2E-IGNORE\", \"MOBILITY HEADER\", \"UDPLITE\", \"MPLS-IN-IP\", \"MANET\", \"HIP\", \"SHIM6\", \"WESP\", \"ROHC\", \"ETHERNET\"), if(match(dest,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), dest, null()), match(dest,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), dest, true(), null())", "comment": "The destination of the attack detected by the intrusion detection system (IDS). You can alias this from more specific fields not included in this data model, such as dest_host, dest_ip, or dest_name." }, { @@ -76,7 +75,6 @@ "name": "src", "type": "conditional", "condition": "ids_type=\"network\"", - "validity": "case(in(upper(transport), \"HOPOPT\", \"ICMP\", \"IGMP\", \"GGP\", \"IP-IN-IP\", \"ST\", \"TCP\", \"CBT\", \"EGP\", \"IGP\", \"BBN-RCC-MON\", \"NVP-II\", \"PUP\", \"ARGUS\", \"EMCON\", \"XNET\", \"CHAOS\", \"UDP\", \"MUX\", \"DCN-MEAS\", \"HMP\", \"PRM\", \"XNS-ID\", \"TRUNK-1\", \"TRUNK-2\", \"LEAF-1\", \"LEAF-2\", \"RDP\", \"IRTP\", \"ISO-TP4\", \"NETBLT\", \"MFE-NSP\", \"MERIT-INP\", \"DCCP\", \"3CP\", \"IDPR\", \"XTP\", \"DDP\", \"IDPR-CMTP\", \"TP++\", \"IL\", \"IPV6\", \"SDRP\", \"IPV6-ROUTE\", \"IPV6-FRAG\", \"IDRP\", \"RSVP\", \"GRES\", \"DSR\", \"BNA\", \"ESP\", \"AH\", \"I-NLSP\", \"SWIPE\", \"NARP\", \"MOBILE\", \"TLSP\", \"SKIP\", \"IPV6-ICMP\", \"IPC6-NONXT\", \"IPV6-OPTS\", \"CFTP\", \"SAT-EXPAK\", \"KRYPTOLAN\", \"RVD\", \"IPPC\", \"SAT-MON\", \"VISA\", \"IPCU\", \"CPNX\", \"CPHB\", \"WSN\", \"PVP\", \"BR-SAT-MON\", \"SUN-ND\", \"WB-MON\", \"WB-EXPAK\", \"ISO-IP\", \"VMTP\", \"SECURE-VMTP\", \"VINES\", \"TTP\", \"IPTM\", \"NSFNET-IGP\", \"DGP\", \"TCF\", \"EIGRP\", \"OSPF\", \"SPRITE-RPC\", \"LARP\", \"MTP\", \"AX.25\", \"OS\", \"MICP\", \"SCC-SP\", \"ETHERIP\", \"ENCAP\", \"GMTP\", \"IFMP\", \"PNNI\", \"PIM\", \"ARIS\", \"SCPS\", \"QNX\", \"A/N\", \"IPCOMP\", \"SNP\", \"COMPAQ-PEER\", \"IPX-IN-IP\", \"VRRP\", \"PGM\", \"L2TP\", \"DDX\", \"IATP\", \"STP\", \"SRP\", \"UTI\", \"SMP\", \"SM\", \"PTP\", \"IS-IS OVER IPV4\", \"FIRE\", \"CRTP\", \"CRUDP\", \"SSCOPMCE\", \"IPLT\", \"SPS\", \"PIPE\", \"SCTP\", \"FC\", \"RSVP-E2E-IGNORE\", \"MOBILITY HEADER\", \"UDPLITE\", \"MPLS-IN-IP\", \"MANET\", \"HIP\", \"SHIM6\", \"WESP\", \"ROHC\", \"ETHERNET\"), if(match(src,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), src, null()), match(src,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), src, true(), null())", "comment": "The source involved in the attack detected by the IDS. You can alias this from more specific fields not included in this data model, such as src_host, src_ip, or src_name." }, { diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json index bc3d3419..34851935 100644 --- a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json +++ b/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json @@ -38,7 +38,6 @@ { "name": "dest", "type": "required", - "validity": "case(in(upper(transport), \"TCP\", \"UDP\"), if(match(dest,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), dest, null()), match(dest,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), dest, true(), null())", "comment": "The destination of the network resolution event. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." }, { @@ -241,7 +240,6 @@ { "name": "src", "type": "required", - "validity": "case(in(upper(transport), \"TCP\", \"UDP\"), if(match(src,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), src, null()), match(src,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), src, true(), null())", "comment": "The source of the network resolution event. You can alias this from more specific fields, such as src_host, src_ip, or src_name." }, { diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json b/pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json index 16b62ce3..be23dd3b 100644 --- a/pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json +++ b/pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json @@ -53,7 +53,6 @@ { "name": "dest", "type": "required", - "validity": "case(in(upper(transport), \"HOPOPT\", \"ICMP\", \"IGMP\", \"GGP\", \"IP-IN-IP\", \"ST\", \"TCP\", \"CBT\", \"EGP\", \"IGP\", \"BBN-RCC-MON\", \"NVP-II\", \"PUP\", \"ARGUS\", \"EMCON\", \"XNET\", \"CHAOS\", \"UDP\", \"MUX\", \"DCN-MEAS\", \"HMP\", \"PRM\", \"XNS-ID\", \"TRUNK-1\", \"TRUNK-2\", \"LEAF-1\", \"LEAF-2\", \"RDP\", \"IRTP\", \"ISO-TP4\", \"NETBLT\", \"MFE-NSP\", \"MERIT-INP\", \"DCCP\", \"3CP\", \"IDPR\", \"XTP\", \"DDP\", \"IDPR-CMTP\", \"TP++\", \"IL\", \"IPV6\", \"SDRP\", \"IPV6-ROUTE\", \"IPV6-FRAG\", \"IDRP\", \"RSVP\", \"GRES\", \"DSR\", \"BNA\", \"ESP\", \"AH\", \"I-NLSP\", \"SWIPE\", \"NARP\", \"MOBILE\", \"TLSP\", \"SKIP\", \"IPV6-ICMP\", \"IPC6-NONXT\", \"IPV6-OPTS\", \"CFTP\", \"SAT-EXPAK\", \"KRYPTOLAN\", \"RVD\", \"IPPC\", \"SAT-MON\", \"VISA\", \"IPCU\", \"CPNX\", \"CPHB\", \"WSN\", \"PVP\", \"BR-SAT-MON\", \"SUN-ND\", \"WB-MON\", \"WB-EXPAK\", \"ISO-IP\", \"VMTP\", \"SECURE-VMTP\", \"VINES\", \"TTP\", \"IPTM\", \"NSFNET-IGP\", \"DGP\", \"TCF\", \"EIGRP\", \"OSPF\", \"SPRITE-RPC\", \"LARP\", \"MTP\", \"AX.25\", \"OS\", \"MICP\", \"SCC-SP\", \"ETHERIP\", \"ENCAP\", \"GMTP\", \"IFMP\", \"PNNI\", \"PIM\", \"ARIS\", \"SCPS\", \"QNX\", \"A/N\", \"IPCOMP\", \"SNP\", \"COMPAQ-PEER\", \"IPX-IN-IP\", \"VRRP\", \"PGM\", \"L2TP\", \"DDX\", \"IATP\", \"STP\", \"SRP\", \"UTI\", \"SMP\", \"SM\", \"PTP\", \"IS-IS OVER IPV4\", \"FIRE\", \"CRTP\", \"CRUDP\", \"SSCOPMCE\", \"IPLT\", \"SPS\", \"PIPE\", \"SCTP\", \"FC\", \"RSVP-E2E-IGNORE\", \"MOBILITY HEADER\", \"UDPLITE\", \"MPLS-IN-IP\", \"MANET\", \"HIP\", \"SHIM6\", \"WESP\", \"ROHC\", \"ETHERNET\"), if(match(dest,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), dest, null()), match(dest,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), dest, true(), null())", "comment": "The destination of the network traffic (the remote host). You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." }, { @@ -198,7 +197,6 @@ { "name": "src", "type": "required", - "validity": "case(in(upper(transport), \"HOPOPT\", \"ICMP\", \"IGMP\", \"GGP\", \"IP-IN-IP\", \"ST\", \"TCP\", \"CBT\", \"EGP\", \"IGP\", \"BBN-RCC-MON\", \"NVP-II\", \"PUP\", \"ARGUS\", \"EMCON\", \"XNET\", \"CHAOS\", \"UDP\", \"MUX\", \"DCN-MEAS\", \"HMP\", \"PRM\", \"XNS-ID\", \"TRUNK-1\", \"TRUNK-2\", \"LEAF-1\", \"LEAF-2\", \"RDP\", \"IRTP\", \"ISO-TP4\", \"NETBLT\", \"MFE-NSP\", \"MERIT-INP\", \"DCCP\", \"3CP\", \"IDPR\", \"XTP\", \"DDP\", \"IDPR-CMTP\", \"TP++\", \"IL\", \"IPV6\", \"SDRP\", \"IPV6-ROUTE\", \"IPV6-FRAG\", \"IDRP\", \"RSVP\", \"GRES\", \"DSR\", \"BNA\", \"ESP\", \"AH\", \"I-NLSP\", \"SWIPE\", \"NARP\", \"MOBILE\", \"TLSP\", \"SKIP\", \"IPV6-ICMP\", \"IPC6-NONXT\", \"IPV6-OPTS\", \"CFTP\", \"SAT-EXPAK\", \"KRYPTOLAN\", \"RVD\", \"IPPC\", \"SAT-MON\", \"VISA\", \"IPCU\", \"CPNX\", \"CPHB\", \"WSN\", \"PVP\", \"BR-SAT-MON\", \"SUN-ND\", \"WB-MON\", \"WB-EXPAK\", \"ISO-IP\", \"VMTP\", \"SECURE-VMTP\", \"VINES\", \"TTP\", \"IPTM\", \"NSFNET-IGP\", \"DGP\", \"TCF\", \"EIGRP\", \"OSPF\", \"SPRITE-RPC\", \"LARP\", \"MTP\", \"AX.25\", \"OS\", \"MICP\", \"SCC-SP\", \"ETHERIP\", \"ENCAP\", \"GMTP\", \"IFMP\", \"PNNI\", \"PIM\", \"ARIS\", \"SCPS\", \"QNX\", \"A/N\", \"IPCOMP\", \"SNP\", \"COMPAQ-PEER\", \"IPX-IN-IP\", \"VRRP\", \"PGM\", \"L2TP\", \"DDX\", \"IATP\", \"STP\", \"SRP\", \"UTI\", \"SMP\", \"SM\", \"PTP\", \"IS-IS OVER IPV4\", \"FIRE\", \"CRTP\", \"CRUDP\", \"SSCOPMCE\", \"IPLT\", \"SPS\", \"PIPE\", \"SCTP\", \"FC\", \"RSVP-E2E-IGNORE\", \"MOBILITY HEADER\", \"UDPLITE\", \"MPLS-IN-IP\", \"MANET\", \"HIP\", \"SHIM6\", \"WESP\", \"ROHC\", \"ETHERNET\"), if(match(src,\"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"), src, null()), match(src,\"^([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})$\"), src, true(), null())", "comment": "The source of the network traffic (the client requesting the connection). You can alias this from more specific fields, such as src_host, src_ip, or src_name.'" }, { From 8d4fb445c7159fd9d9e9ec2783dc246e6bc260dd Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Wed, 29 May 2024 15:54:45 +0530 Subject: [PATCH 06/29] fix: do not log .conf parser warnings from all workers (#845) When tests are ran with multiple workers, duplicate logging is observed because every workers logs the warning. This PR fixes that. --------- Co-authored-by: Artem Rys --- pytest_splunk_addon/splunk.py | 17 ++++-------- .../standard_lib/addon_parser/props_parser.py | 4 ++- .../sample_xdist_generator.py | 8 +++--- pytest_splunk_addon/standard_lib/utils.py | 26 +++++++++++++++++++ 4 files changed, 37 insertions(+), 18 deletions(-) create mode 100644 pytest_splunk_addon/standard_lib/utils.py diff --git a/pytest_splunk_addon/splunk.py b/pytest_splunk_addon/splunk.py index c92eaa08..271c998f 100644 --- a/pytest_splunk_addon/splunk.py +++ b/pytest_splunk_addon/splunk.py @@ -32,6 +32,8 @@ import configparser from filelock import FileLock +from pytest_splunk_addon.standard_lib import utils + RESPONSIVE_SPLUNK_TIMEOUT = 300 # seconds LOGGER = logging.getLogger("pytest-splunk-addon") @@ -732,10 +734,7 @@ def splunk_ingest_data(request, splunk_hec_uri, sc4s, uf, splunk_events_cleanup) if request.config.getoption("ingest_events").lower() in ["n", "no", "false", "f"]: return global PYTEST_XDIST_TESTRUNUID - if ( - "PYTEST_XDIST_WORKER" not in os.environ - or os.environ.get("PYTEST_XDIST_WORKER") == "gw0" - ): + if utils.check_first_worker(): addon_path = request.config.getoption("splunk_app") config_path = request.config.getoption("splunk_data_generator") ingest_meta_data = { @@ -783,10 +782,7 @@ def splunk_events_cleanup(request, splunk_search_util): """ if request.config.getoption("splunk_cleanup"): - if ( - "PYTEST_XDIST_WORKER" not in os.environ - or os.environ.get("PYTEST_XDIST_WORKER") == "gw0" - ): + if utils.check_first_worker(): LOGGER.info("Running the old events cleanup") splunk_search_util.deleteEventsFromIndex() else: @@ -801,10 +797,7 @@ def file_system_prerequisite(): """ UF_FILE_MONTOR_DIR = "uf_files" monitor_dir = os.path.join(os.getcwd(), UF_FILE_MONTOR_DIR) - if ( - "PYTEST_XDIST_WORKER" not in os.environ - or os.environ.get("PYTEST_XDIST_WORKER") == "gw0" - ): + if utils.check_first_worker(): if os.path.exists(monitor_dir): shutil.rmtree(monitor_dir, ignore_errors=True) os.mkdir(monitor_dir) diff --git a/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py b/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py index e2757eb5..c85302d3 100644 --- a/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py +++ b/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py @@ -28,6 +28,7 @@ from .fields import convert_to_fields from .transforms_parser import TransformsParser +from pytest_splunk_addon.standard_lib import utils LOGGER = logging.getLogger("pytest-splunk-addon") @@ -110,7 +111,8 @@ def _get_props_method(self, class_name: str): LOGGER.info(f"Matched method of type={each_type}") return method_mapping[each_type] else: - LOGGER.warning(f"No parser available for {class_name}. Skipping...") + if utils.check_first_worker(): + LOGGER.warning(f"No parser available for {class_name}. Skipping...") def _get_props_stanzas(self) -> Optional[Generator]: """ diff --git a/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py b/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py index 6a69642a..b17427b6 100644 --- a/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py +++ b/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py @@ -20,6 +20,8 @@ import json import pytest +from pytest_splunk_addon.standard_lib import utils + class SampleXdistGenerator: def __init__(self, addon_path, config_path=None, process_count=4): @@ -28,14 +30,10 @@ def __init__(self, addon_path, config_path=None, process_count=4): self.config_path = config_path def get_samples(self, store_events): - if self.tokenized_event_source == "pregenerated": with open(self.event_path, "rb") as file_obj: store_sample = pickle.load(file_obj) - if store_events and ( - "PYTEST_XDIST_WORKER" not in os.environ - or os.environ.get("PYTEST_XDIST_WORKER") == "gw0" - ): + if store_events and utils.check_first_worker(): try: tokenized_events = store_sample.get("tokenized_events") self.store_events(tokenized_events) diff --git a/pytest_splunk_addon/standard_lib/utils.py b/pytest_splunk_addon/standard_lib/utils.py new file mode 100644 index 00000000..360335eb --- /dev/null +++ b/pytest_splunk_addon/standard_lib/utils.py @@ -0,0 +1,26 @@ +# +# Copyright 2024 Splunk Inc. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +import os + + +def check_first_worker() -> bool: + """ + returns True if the current execution is under gw0 (first worker) + """ + return ( + "PYTEST_XDIST_WORKER" not in os.environ + or os.environ.get("PYTEST_XDIST_WORKER") == "gw0" + ) From c02e369bc0d1a99b5d86e7c132451983e46c45df Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Jun 2024 15:32:41 +0200 Subject: [PATCH 07/29] chore(deps): lock file maintenance (#787) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Update | Change | |---|---| | lockFileMaintenance | All locks refreshed | 🔧 This Pull Request updates lock files to use the latest dependency versions. --- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/splunk/pytest-splunk-addon). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- poetry.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/poetry.lock b/poetry.lock index 8700bd52..3d019a55 100644 --- a/poetry.lock +++ b/poetry.lock @@ -35,13 +35,13 @@ tests-no-zope = ["attrs[tests-mypy]", "cloudpickle", "hypothesis", "pympler", "p [[package]] name = "certifi" -version = "2024.2.2" +version = "2024.6.2" description = "Python package for providing Mozilla's CA Bundle." optional = false python-versions = ">=3.6" files = [ - {file = "certifi-2024.2.2-py3-none-any.whl", hash = "sha256:dc383c07b76109f368f6106eee2b593b04a011ea4d55f652c6ca24a754d1cdd1"}, - {file = "certifi-2024.2.2.tar.gz", hash = "sha256:0569859f95fc761b18b45ef421b1290a0f65f147e92a1e5eb3e635f9a5e4e66f"}, + {file = "certifi-2024.6.2-py3-none-any.whl", hash = "sha256:ddc6c8ce995e6987e7faf5e3f1b02b302836a0e5d98ece18392cb1a36c72ad56"}, + {file = "certifi-2024.6.2.tar.gz", hash = "sha256:3cd43f1c6fa7dedc5899d69d3ad0398fd018ad1a17fba83ddaf78aa46c747516"}, ] [[package]] From bea216ef414fe16e02e239358f18752cce25cab5 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Mon, 3 Jun 2024 13:58:42 +0000 Subject: [PATCH 08/29] chore(release): 5.3.0-beta.3 # [5.3.0-beta.3](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.2...v5.3.0-beta.3) (2024-06-03) ### Bug Fixes * do not log .conf parser warnings from all workers ([#845](https://github.com/splunk/pytest-splunk-addon/issues/845)) ([8d4fb44](https://github.com/splunk/pytest-splunk-addon/commit/8d4fb445c7159fd9d9e9ec2783dc246e6bc260dd)) * updating src and dest fields ([#846](https://github.com/splunk/pytest-splunk-addon/issues/846)) ([a143c49](https://github.com/splunk/pytest-splunk-addon/commit/a143c4935d41521bc4016c90310620777f3b5f09)) --- NOTICE | 12 ++++++------ pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/NOTICE b/NOTICE index 519f3e04..25b7e2fd 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-5-27 +Date generated: 2024-6-3 -Revision ID: 38597255fc669a35e79265e4f6dc6bc738199844 +Revision ID: c02e369bc0d1a99b5d86e7c132451983e46c45df ================================================================================ ================================================================================ @@ -293,7 +293,7 @@ SOFTWARE. -------------------------------------------------------------------------------- -Package Title: certifi (2024.2.2) +Package Title: certifi (2024.6.2) -------------------------------------------------------------------------------- * Declared Licenses * @@ -960,7 +960,7 @@ THE SOFTWARE. * Other Licenses * -Python-2.0, GPL-2.0-only, public-domain, HPND, PIL +Python-2.0, GPL-2.0-only, HPND, public-domain, PIL * Python-2.0 * @@ -999,12 +999,12 @@ This program is free software; you can redistribute it and/or modify it under th This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. -* public-domain * * HPND * Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies that both copyright notice and this permission notice appear in supporting documentation not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission<> . +* public-domain * * PIL * By obtaining, using, and/or copying this software and/or its associated documentation, you agree that you have read, understood, and will comply with the following terms and conditions: @@ -5661,4 +5661,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-5-27 +Report Generated by FOSSA on 2024-6-3 diff --git a/pyproject.toml b/pyproject.toml index c78c42db..14328833 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.2" +version = "5.3.0-beta.3" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index ede67f73..e490abf5 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.2" +__version__ = "5.3.0-beta.3" From 93d280edb8bacab9ab55c00893d53a70f84dc627 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Tue, 11 Jun 2024 18:54:34 +0530 Subject: [PATCH 09/29] chore: merge respective docker-compose* and pytest* files into one (#849) - Removed docker-compose-ci.yaml and pytest-ci.yaml - Updated docker-compose.yaml and pytest.ini with required changes - Now docker-compose.yaml and pytest.ini can be used in ci and local as well --- .github/workflows/build-test-release.yml | 4 +- Dockerfile.tests | 2 +- docker-compose-ci.yml | 93 ------------------------ docker-compose.yml | 11 ++- entrypoint.sh | 2 +- pytest-ci.ini | 20 ----- pytest.ini | 2 +- 7 files changed, 15 insertions(+), 119 deletions(-) delete mode 100644 docker-compose-ci.yml delete mode 100644 pytest-ci.ini diff --git a/.github/workflows/build-test-release.yml b/.github/workflows/build-test-release.yml index 29e970dc..7dcd4280 100644 --- a/.github/workflows/build-test-release.yml +++ b/.github/workflows/build-test-release.yml @@ -112,8 +112,8 @@ jobs: export SPLUNK_VERSION=${{ matrix.splunk.version }} export SPLUNK_HEC_TOKEN="9b741d03-43e9-4164-908b-e09102327d22" echo $SPLUNK_VERSION - docker compose -f "docker-compose-ci.yml" build - SPLUNK_PASSWORD=Chang3d! docker compose -f docker-compose-ci.yml up --abort-on-container-exit + docker compose -f "docker-compose.yml" build + SPLUNK_PASSWORD=Chang3d! docker compose -f docker-compose.yml up --abort-on-container-exit docker volume ls - name: Collect Results run: | diff --git a/Dockerfile.tests b/Dockerfile.tests index f0f11fb2..d00b15b8 100644 --- a/Dockerfile.tests +++ b/Dockerfile.tests @@ -31,7 +31,7 @@ RUN export DEBIAN_FRONTEND=noninteractive ;\ ENV LANG en_US.utf8 -COPY pytest-ci.ini /work/pytest.ini +COPY pytest.ini /work/pytest.ini COPY tests /work/tests/ WORKDIR /work diff --git a/docker-compose-ci.yml b/docker-compose-ci.yml deleted file mode 100644 index 8c352854..00000000 --- a/docker-compose-ci.yml +++ /dev/null @@ -1,93 +0,0 @@ -# -# Copyright 2024 Splunk Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -#Splunk Connect for Syslog (SC4S) by Splunk, Inc. -# -#To the extent possible under law, the person who associated CC0 with -#Splunk Connect for Syslog (SC4S) has waived all copyright and related or neighboring rights -#to Splunk Connect for Syslog (SC4S). -# -#You should have received a copy of the CC0 legalcode along with this -#work. If not, see . -version: "3.7" -services: - test: - build: - context: . - dockerfile: Dockerfile.tests - links: - - splunk - - sc4s - volumes: - - results:/work/test-results - - sc4s: - image: ghcr.io/splunk/splunk-connect-for-syslog/container2:latest - hostname: sc4s - #When this is enabled test_common will fail - # command: -det - ports: - - "514" - - "601" - - "514/udp" - - "5000-5050" - - "5000-5050/udp" - - "6514" - stdin_open: true - tty: true - links: - - splunk - environment: - - SPLUNK_HEC_URL=https://splunk:8088 - - SPLUNK_HEC_TOKEN=70b6ae71-76b3-4c38-9597-0c5b37ad9630 - - SC4S_SOURCE_TLS_ENABLE=no - - SC4S_DEST_SPLUNK_HEC_TLS_VERIFY=no - - SC4S_LISTEN_JUNIPER_NETSCREEN_TCP_PORT=5000 - - SC4S_LISTEN_CISCO_ASA_TCP_PORT=5001 - - SC4S_LISTEN_CISCO_IOS_TCP_PORT=5002 - - SC4S_LISTEN_CISCO_MERAKI_TCP_PORT=5003 - - SC4S_LISTEN_JUNIPER_IDP_TCP_PORT=5004 - - SC4S_LISTEN_PALOALTO_PANOS_TCP_PORT=5005 - - SC4S_LISTEN_PFSENSE_TCP_PORT=5006 - - SC4S_LISTEN_CISCO_ASA_UDP_PORT=5001 - - SC4S_LISTEN_CISCO_IOS_UDP_PORT=5002 - - SC4S_LISTEN_CISCO_MERAKI_UDP_PORT=5003 - - SC4S_LISTEN_JUNIPER_IDP_UDP_PORT=5004 - - SC4S_LISTEN_PALOALTO_PANOS_UDP_PORT=5005 - - SC4S_LISTEN_PFSENSE_UDP_PORT=5006 - - SC4S_ARCHIVE_GLOBAL=no - - SC4S_LISTEN_CHECKPOINT_SPLUNK_NOISE_CONTROL=yes - - splunk: - build: - context: . - dockerfile: Dockerfile.splunk - args: - SPLUNK_APP_ID: ${SPLUNK_APP_ID} - SPLUNK_APP_PACKAGE: ${SPLUNK_APP_PACKAGE} - SPLUNK_VERSION: ${SPLUNK_VERSION} - ports: - - "8000" - - "8088" - - "8089" - - "9997" - environment: - - SPLUNK_PASSWORD=${SPLUNK_PASSWORD} - - SPLUNK_HEC_TOKEN=${SPLUNK_HEC_TOKEN} - - SPLUNK_START_ARGS=--accept-license - - TEST_SC4S_ACTIVATE_EXAMPLES=yes -volumes: - results: - external: false diff --git a/docker-compose.yml b/docker-compose.yml index b502a0ec..347bd574 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -23,6 +23,15 @@ #work. If not, see . version: "3.7" services: + test: + build: + context: . + dockerfile: Dockerfile.tests + links: + - splunk + - sc4s + volumes: + - results:/work/test-results sc4s: image: ghcr.io/splunk/splunk-connect-for-syslog/container2:latest @@ -101,5 +110,5 @@ services: - ${CURRENT_DIR}/uf_files:${CURRENT_DIR}/uf_files volumes: - splunk-sc4s-var: + results: external: false \ No newline at end of file diff --git a/entrypoint.sh b/entrypoint.sh index 3664f2a4..d350ca6d 100755 --- a/entrypoint.sh +++ b/entrypoint.sh @@ -11,4 +11,4 @@ export PATH="/root/.local/bin:$PATH" source ~/.poetry/env sleep 15 poetry install -exec poetry run pytest -vv $@ +exec poetry run pytest -vv --junitxml=/work/test-results/test.xml $@ diff --git a/pytest-ci.ini b/pytest-ci.ini deleted file mode 100644 index e1785e69..00000000 --- a/pytest-ci.ini +++ /dev/null @@ -1,20 +0,0 @@ -# -# Copyright 2024 Splunk Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -[pytest] -testpaths = tests -addopts = -v --tb=long --junitxml=/work/test-results/test.xml -m external tests/e2e -filterwarnings = - ignore::DeprecationWarning diff --git a/pytest.ini b/pytest.ini index 576b89d1..c276c43e 100644 --- a/pytest.ini +++ b/pytest.ini @@ -15,6 +15,6 @@ # [pytest] testpaths = tests -addopts = -v --tb=long -m docker --log-level=INFO +addopts = -v --tb=long -m external tests/e2e filterwarnings = ignore::DeprecationWarning From 1157ab9c62c584ba31bd92b1951fee73551b503b Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Wed, 26 Jun 2024 21:12:29 +0530 Subject: [PATCH 10/29] feat: updating cim model definitions (#856) Added cim models for v5.3.1 and v5.3.2 Created a runbook:https://docs.google.com/document/d/1sOG0FWM9StzgNJx4tYzsX4Tur33D91V59v3SObrXvks/edit --- .../CIM_Models/datamodel_definition.py | 388 ++++++++++++++++-- 1 file changed, 363 insertions(+), 25 deletions(-) diff --git a/pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py b/pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py index f1590ab6..32667498 100644 --- a/pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py +++ b/pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py @@ -14,7 +14,7 @@ # limitations under the License. # datamodels = { - "latest": { + "4.18.1": { "Alerts": { "BaseEvent": [ "app", @@ -24,7 +24,6 @@ "src", "type", "user", - "user_name", ] }, "Application_State": { @@ -50,12 +49,7 @@ ] }, "Change": { - "Account_Management": [ - "dest_nt_domain", - "src_nt_domain", - "src_user", - "src_user_name", - ], + "Account_Management": ["dest_nt_domain", "src_nt_domain", "src_user"], "BaseEvent": [ "change_type", "command", @@ -71,7 +65,6 @@ "result_id", "src", "user", - "user_name", "vendor_product", "action", ], @@ -137,17 +130,322 @@ "vendor_product", ] }, - "Data_Access": { + "Email": { + "BaseEvent": [ + "action", + "dest", + "src", + "recipient", + "recipient_domain", + "src_user", + "src_user_domain", + "vendor_product", + ], + "Filtering": ["signature"], + }, + "Endpoint": { + "Filesystem": [ + "file_access_time", + "file_create_time", + "file_modify_time", + "action", + "dest", + "file_hash", + "file_name", + "file_path", + "file_acl", + "file_size", + "user", + "vendor_product", + ], + "Ports": [ + "dest_port", + "transport", + "src", + "src_port", + "dest", + "user", + "vendor_product", + ], + "Processes": [ + "dest", + "parent_process", + "parent_process_name", + "process", + "process_name", + "user", + "vendor_product", + ], + "Registry": [ + "action", + "dest", + "registry_path", + "registry_key_name", + "registry_value_data", + "registry_value_name", + "registry_value_type", + "user", + "vendor_product", + ], + "Services": [ + "dest", + "service", + "service_name", + "service_id", + "start_mode", + "status", + "user", + "vendor_product", + ], + }, + "Event_Signatures": {"BaseEvent": ["vendor_product"]}, + "Intrusion_Detection": { + "BaseEvent": [ + "dvc", + "ids_type", + "category", + "signature", + "severity", + "src", + "dest", + "user", + "vendor_product", + ] + }, + "Malware": { "BaseEvent": [ "action", + "category", + "date", + "dest", + "dest_nt_domain", + "severity", + "signature", + "user", + "vendor_product", + ], + "Malware_Operations": [ + "product_version", + "signature_version", + "dest", + "dest_nt_domain", + "vendor_product", + ], + }, + "Network_Resolution": { + "BaseEvent": [ + "answer", + "dest", + "message_type", + "query", + "reply_code_id", + "reply_code", + "vendor_product", + ] + }, + "Network_Sessions": { + "BaseEvent": [ + "dest_ip", + "dest_mac", + "dest_nt_host", + "dest_dns", + "user", + "vendor_product", + ] + }, + "Network_Traffic": { + "BaseEvent": [ + "action", + "bytes", + "bytes_in", + "bytes_out", + "dest", + "dest_port", + "dvc", + "rule", + "src", + "src_port", + "transport", + "user", + "vendor_product", + ] + }, + "Performance": { + "BaseEvent": ["dest"], + "CPU": ["cpu_load_percent"], + "Facilities": ["temperature"], + "Memory": ["mem", "mem_free", "mem_used"], + "Network": ["thruput"], + "OS": ["signature"], + "Storage": [ + "storage_free", + "storage_free_percent", + "storage_used", + "storage_used_percent", + ], + "Timesync": ["action"], + "Uptime": ["uptime"], + }, + "Updates": { + "BaseEvent": [ + "dest", + "signature", + "signature_id", + "status", + "vendor_product", + ] + }, + "Vulnerabilities": { + "BaseEvent": [ + "category", + "cve", + "dest", + "dvc", + "severity", + "signature", + "vendor_product", + ] + }, + "Web": { + "BaseEvent": [ + "action", + "bytes", + "bytes_in", + "bytes_out", + "dest", + "http_content_type", + "http_method", + "http_referrer", + "http_referrer_domain", + "http_user_agent", + "src", + "status", + "url", + "url_domain", + "user", + "vendor_product", + ] + }, + }, + "4.19": { + "Alerts": { + "BaseEvent": [ "app", "dest", + "severity", + "signature_id", + "src", + "type", + "user", + "user_name", + ] + }, + "Application_State": { + "BaseEvent": ["dest", "process"], + "Ports": ["dest_port", "transport"], + "Services": ["service", "service_id", "start_mode", "status"], + }, + "Authentication": { + "BaseEvent": ["action", "app", "src", "src_user", "dest", "user"] + }, + "Certificates": { + "SSL": [ + "ssl_end_time", + "ssl_serial", + "ssl_start_time", + "ssl_hash", + "ssl_issuer", + "ssl_issuer_common_name", + "ssl_issuer_email_domain", + "ssl_subject", + "ssl_subject_common_name", + "ssl_subject_email_domain", + ] + }, + "Change": { + "Account_Management": [ + "dest_nt_domain", + "src_nt_domain", + "src_user", + "src_user_name", + ], + "BaseEvent": [ + "change_type", + "command", + "dest", + "dvc", "object", + "object_attrs", "object_category", "object_id", - "object_size", + "object_path", + "status", + "result", + "result_id", "src", - "vendor_account", + "user", + "user_name", + "vendor_product", + "action", + ], + "Instance_Changes": ["image_id", "instance_type"], + }, + "Change_Analysis": { + "Account_Management": ["dest_nt_domain", "src_nt_domain", "src_user"], + "BaseEvent": [ + "change_type", + "command", + "dest", + "dvc", + "object", + "object_attrs", + "object_category", + "object_id", + "object_path", + "status", + "result", + "result_id", + "src", + "user", + "vendor_product", + "action", + ], + "Filesystem_Changes": [ + "file_access_time", + "file_create_time", + "file_hash", + "file_modify_time", + "file_name", + "file_path", + "file_acl", + "file_size", + ], + }, + "Compute_Inventory": { + "BaseEvent": ["dest", "vendor_product"], + "CPU": ["cpu_cores", "cpu_count", "cpu_mhz"], + "Memory": ["mem"], + "Network": ["dns", "interface", "ip", "mac", "name"], + "OS": ["os"], + "Snapshot": ["size", "snapshot"], + "Storage": ["mount", "storage"], + "User": ["interactive", "password", "user"], + "Virtual_OS": ["hypervisor"], + }, + "DLP": { + "BaseEvent": [ + "action", + "category", + "dvc", + "dlp_type", + "object", + "object_path", + "object_category", + "signature", + "severity", + "src", + "src_user", + "dest", "user", "vendor_product", ] @@ -191,7 +489,6 @@ ], "Processes": [ "dest", - "original_file_name", "parent_process", "parent_process_name", "process", @@ -350,7 +647,7 @@ ] }, }, - "4.18.1": { + "4.20.2": { "Alerts": { "BaseEvent": [ "app", @@ -360,6 +657,7 @@ "src", "type", "user", + "user_name", ] }, "Application_State": { @@ -385,7 +683,12 @@ ] }, "Change": { - "Account_Management": ["dest_nt_domain", "src_nt_domain", "src_user"], + "Account_Management": [ + "dest_nt_domain", + "src_nt_domain", + "src_user", + "src_user_name", + ], "BaseEvent": [ "change_type", "command", @@ -401,6 +704,7 @@ "result_id", "src", "user", + "user_name", "vendor_product", "action", ], @@ -466,6 +770,21 @@ "vendor_product", ] }, + "Data_Access": { + "BaseEvent": [ + "action", + "app", + "dest", + "object", + "object_category", + "object_id", + "object_size", + "src", + "tenant_id", + "user", + "vendor_product", + ] + }, "Email": { "BaseEvent": [ "action", @@ -505,6 +824,7 @@ ], "Processes": [ "dest", + "original_file_name", "parent_process", "parent_process_name", "process", @@ -663,7 +983,7 @@ ] }, }, - "4.19": { + "5.0.0": { "Alerts": { "BaseEvent": [ "app", @@ -786,6 +1106,21 @@ "vendor_product", ] }, + "Data_Access": { + "BaseEvent": [ + "action", + "app", + "dest", + "object", + "object_category", + "object_id", + "object_size", + "src", + "vendor_account", + "user", + "vendor_product", + ] + }, "Email": { "BaseEvent": [ "action", @@ -825,6 +1160,7 @@ ], "Processes": [ "dest", + "original_file_name", "parent_process", "parent_process_name", "process", @@ -983,7 +1319,7 @@ ] }, }, - "4.20.2": { + "5.3.1": { "Alerts": { "BaseEvent": [ "app", @@ -993,7 +1329,6 @@ "src", "type", "user", - "user_name", ] }, "Application_State": { @@ -1023,7 +1358,6 @@ "dest_nt_domain", "src_nt_domain", "src_user", - "src_user_name", ], "BaseEvent": [ "change_type", @@ -1040,7 +1374,6 @@ "result_id", "src", "user", - "user_name", "vendor_product", "action", ], @@ -1112,11 +1445,13 @@ "app", "dest", "object", + "object_attrs", "object_category", "object_id", "object_size", "src", - "tenant_id", + "user_name", + "vendor_account", "user", "vendor_product", ] @@ -1160,6 +1495,7 @@ ], "Processes": [ "dest", + "loaded_file", "original_file_name", "parent_process", "parent_process_name", @@ -1319,7 +1655,7 @@ ] }, }, - "5.0.0": { + "5.3.2": { "Alerts": { "BaseEvent": [ "app", @@ -1329,7 +1665,6 @@ "src", "type", "user", - "user_name", ] }, "Application_State": { @@ -1359,7 +1694,6 @@ "dest_nt_domain", "src_nt_domain", "src_user", - "src_user_name", ], "BaseEvent": [ "change_type", @@ -1376,7 +1710,6 @@ "result_id", "src", "user", - "user_name", "vendor_product", "action", ], @@ -1448,10 +1781,12 @@ "app", "dest", "object", + "object_attrs", "object_category", "object_id", "object_size", "src", + "user_name", "vendor_account", "user", "vendor_product", @@ -1496,6 +1831,7 @@ ], "Processes": [ "dest", + "loaded_file", "original_file_name", "parent_process", "parent_process_name", @@ -1656,3 +1992,5 @@ }, }, } + +datamodels["latest"] = datamodels["5.3.2"] From 0f969966ded89c6801a422f2bffc1181e4e8b950 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 26 Jun 2024 16:07:19 +0000 Subject: [PATCH 11/29] chore(release): 5.3.0-beta.4 # [5.3.0-beta.4](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.3...v5.3.0-beta.4) (2024-06-26) ### Features * updating cim model definitions ([#856](https://github.com/splunk/pytest-splunk-addon/issues/856)) ([1157ab9](https://github.com/splunk/pytest-splunk-addon/commit/1157ab9c62c584ba31bd92b1951fee73551b503b)) --- NOTICE | 54 ++++++++++++++++----------------- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 29 insertions(+), 29 deletions(-) diff --git a/NOTICE b/NOTICE index 25b7e2fd..83a2e3c5 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-6-3 +Date generated: 2024-6-26 -Revision ID: c02e369bc0d1a99b5d86e7c132451983e46c45df +Revision ID: 1157ab9c62c584ba31bd92b1951fee73551b503b ================================================================================ ================================================================================ @@ -1679,7 +1679,7 @@ Package Title: packaging (24.0) -------------------------------------------------------------------------------- * Declared Licenses * -BSD-3-Clause, BSD-2-Clause, Apache-2.0 +BSD-3-Clause, Apache-2.0, BSD-2-Clause * BSD-3-Clause * @@ -1710,6 +1710,13 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +* Apache-2.0 * + +This software is made available under the terms of *either* of the licenses +found in LICENSE.APACHE or LICENSE.BSD. Contributions to this software is made +under the terms of *both* these licenses. + + * BSD-2-Clause * Copyright (c) Donald Stufft and individual contributors. @@ -1737,13 +1744,6 @@ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -* Apache-2.0 * - -This software is made available under the terms of *either* of the licenses -found in LICENSE.APACHE or LICENSE.BSD. Contributions to this software is made -under the terms of *both* these licenses. - - -------------------------------------------------------------------------------- Package Title: pkgutil_resolve_name (1.3.10) @@ -1907,22 +1907,7 @@ SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. * Other Licenses * -MIT-CMU, GPL-1.0-only, BSD-3-Clause - -* MIT-CMU * - -Copyright 1989, 1991, 1992 by Carnegie Mellon University -Derivative Work - 1996, 1998-2000 Copyright 1996, 1998-2000 The Regents of the University of California -All Rights Reserved -Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission. -CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - -* GPL-1.0-only * - -Copyright (C) 2004-2011 Paul T. McGuire. All rights reserved. -This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 1. -This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +BSD-3-Clause, MIT-CMU, GPL-1.0-only * BSD-3-Clause * @@ -1953,6 +1938,21 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +* MIT-CMU * + +Copyright 1989, 1991, 1992 by Carnegie Mellon University +Derivative Work - 1996, 1998-2000 Copyright 1996, 1998-2000 The Regents of the University of California +All Rights Reserved +Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission. +CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +* GPL-1.0-only * + +Copyright (C) 2004-2011 Paul T. McGuire. All rights reserved. +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 1. +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + -------------------------------------------------------------------------------- Package Title: pyrsistent (0.19.3) @@ -5661,4 +5661,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-6-3 +Report Generated by FOSSA on 2024-6-26 diff --git a/pyproject.toml b/pyproject.toml index 14328833..e51f82a0 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.3" +version = "5.3.0-beta.4" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index e490abf5..0f2e506d 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.3" +__version__ = "5.3.0-beta.4" From fc43cea1d2e8a59d9b94be17697eb6fc2b0a2050 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Thu, 27 Jun 2024 19:29:11 +0530 Subject: [PATCH 12/29] refactor: remove standard_lib nested folder (#850) Moved modules from standard_lib folder to its parent folder Kept addon_basic.py in standard_lib folder for backward compatibility. --- .licenserc.yaml | 4 +- docs/api_reference/addon_parser.md | 14 +++---- docs/api_reference/api_reference.md | 2 +- docs/api_reference/app_test_generator.md | 2 +- docs/api_reference/cim_tests.md | 20 ++++----- docs/api_reference/event_ingestion.md | 8 ++-- docs/api_reference/fields_tests.md | 8 ++-- docs/api_reference/index_time_tests.md | 6 +-- docs/api_reference/sample_generation.md | 8 ++-- pyproject.toml | 4 +- .../{standard_lib => }/CIM_Models/__init__.py | 0 .../CIM_Models/datamodel_definition.py | 0 .../addon_parser/__init__.py | 0 .../addon_parser/eventtype_parser.py | 0 .../{standard_lib => }/addon_parser/fields.py | 0 .../addon_parser/props_parser.py | 2 +- .../addon_parser/savedsearches_parser.py | 0 .../addon_parser/tags_parser.py | 0 .../addon_parser/transforms_parser.py | 0 .../{standard_lib => }/app_test_generator.py | 0 .../cim_compliance/__init__.py | 0 .../cim_compliance/base_report.py | 0 .../cim_compliance/base_table.py | 0 .../cim_compliance/cim_report_generator.py | 0 .../cim_compliance/markdown_report.py | 0 .../cim_compliance/markdown_table.py | 0 .../cim_compliance/plugin.py | 0 .../cim_tests/CommonFields.json | 0 .../cim_tests/DatamodelSchema.json | 0 .../{standard_lib => }/cim_tests/__init__.py | 0 .../cim_tests/base_schema.py | 0 .../cim_tests/data_model.py | 0 .../cim_tests/data_model_handler.py | 0 .../{standard_lib => }/cim_tests/data_set.py | 0 .../cim_tests/field_test_adapter.py | 0 .../cim_tests/field_test_helper.py | 0 .../cim_tests/json_schema.py | 0 .../cim_tests/test_generator.py | 0 .../cim_tests/test_templates.py | 0 .../data_models/Alerts.json | 0 .../data_models/Authentication.json | 0 .../data_models/Certificates.json | 0 .../data_models/Change.json | 0 .../{standard_lib => }/data_models/DLP.json | 0 .../{standard_lib => }/data_models/Email.json | 0 .../data_models/Endpoint.json | 0 .../data_models/Intrusion_Detection.json | 0 .../data_models/Malware.json | 0 .../data_models/Network_Resolution.json | 0 .../data_models/Network_Sessions.json | 0 .../data_models/Network_Traffic.json | 0 .../data_models/Updates.json | 0 .../data_models/Vulnerabilities.json | 0 .../{standard_lib => }/data_models/Web.json | 0 .../event_ingestors/__init__.py | 0 .../event_ingestors/base_event_ingestor.py | 0 .../event_ingestors/file_monitor_ingestor.py | 0 .../event_ingestors/hec_event_ingestor.py | 0 .../event_ingestors/hec_metric_ingestor.py | 0 .../event_ingestors/hec_raw_ingestor.py | 0 .../event_ingestors/ingestor_helper.py | 0 .../event_ingestors/sc4s_event_ingestor.py | 0 .../fields_tests/__init__.py | 0 .../fields_tests/field_bank.py | 0 ...equirement_test_datamodel_tag_constants.py | 0 .../fields_tests/sample_parser.py | 0 .../fields_tests/test_generator.py | 0 .../fields_tests/test_templates.py | 0 .../index_tests/__init__.py | 0 .../index_tests/key_fields.py | 0 .../index_tests/test_generator.py | 0 .../index_tests/test_templates.py | 0 pytest_splunk_addon/plugin.py | 7 ++-- .../sample_generation/__init__.py | 0 .../pytest_splunk_addon_data_parser.py | 0 .../sample_generation/rule.py | 0 .../sample_generation/sample_event.py | 0 .../sample_generation/sample_generator.py | 0 .../sample_generation/sample_stanza.py | 0 .../sample_xdist_generator.py | 2 +- .../sample_generation/schema.xsd | 0 .../sample_generation/time_parser.py | 0 pytest_splunk_addon/splunk.py | 6 +-- pytest_splunk_addon/standard_lib/__init__.py | 37 ----------------- .../standard_lib/addon_basic.py | 8 ++-- pytest_splunk_addon/tools/cim_field_report.py | 2 +- .../{standard_lib => }/utilities/__init__.py | 0 .../utilities/junit_parser.py | 0 .../utilities/log_helper.py | 0 .../utilities/sample_splitter.py | 0 .../utilities/xml_event_parser.py | 0 .../{standard_lib => }/utils.py | 0 tests/e2e/test_cim_report.py | 2 +- tests/e2e/test_splunk_addon.py | 2 +- .../test_eventtype_parser.py | 2 +- .../test_addon_parser/test_fields.py | 6 +-- .../test_addon_parser/test_props_parser.py | 4 +- .../test_pytest_addon_init.py | 8 ++-- .../test_savedsearches_parser.py | 2 +- .../test_addon_parser/test_tags_parser.py | 2 +- .../test_transforms_parser.py | 4 +- .../test_app_test_generator.py | 4 +- .../test_cim_report_generator.py | 4 +- .../test_markdown_report.py | 2 +- .../test_markdown_table.py | 2 +- .../test_cim_compliance/test_plugin.py | 4 +- .../test_cim_tests/test_data_model.py | 4 +- .../test_cim_tests/test_data_model_handler.py | 6 +-- .../test_cim_tests/test_data_set.py | 4 +- .../test_cim_tests/test_field_test_adapter.py | 6 +-- .../test_cim_tests/test_field_test_helper.py | 8 ++-- .../test_cim_tests/test_json_schema.py | 10 ++--- .../test_cim_tests/test_test_generator.py | 12 +++--- .../test_file_monitor_ingestor.py | 4 +- .../test_hec_event_metric_raw_ingestor.py | 6 +-- .../test_ingestor_helper.py | 8 ++-- .../test_sc4s_event_ingestor.py | 4 +- .../test_fields_tests/test_field_bank.py | 8 ++-- .../test_fields_tests/test_test_generator.py | 8 ++-- .../test_index_tests/test_test_generator.py | 4 +- .../test_utilities/test_junit_parser.py | 2 +- .../test_utilities/test_log_helper.py | 4 +- .../test_utilities/test_xml_event_parser.py | 2 +- .../test_pytest_splunk_addon_data_parser.py | 2 +- .../tests_sample_generation/test_rule.py | 41 +++++++------------ .../test_sample_event.py | 26 ++++-------- .../test_sample_generator.py | 4 +- .../test_sample_stanza.py | 12 +++--- .../test_sample_xdist_generator.py | 10 ++--- .../test_time_parser.py | 2 +- .../tests_tools/test_cim_report.py | 2 +- 131 files changed, 158 insertions(+), 229 deletions(-) rename pytest_splunk_addon/{standard_lib => }/CIM_Models/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/CIM_Models/datamodel_definition.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/eventtype_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/fields.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/props_parser.py (99%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/savedsearches_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/tags_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/addon_parser/transforms_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/app_test_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/base_report.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/base_table.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/cim_report_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/markdown_report.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/markdown_table.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_compliance/plugin.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/CommonFields.json (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/DatamodelSchema.json (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/base_schema.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/data_model.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/data_model_handler.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/data_set.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/field_test_adapter.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/field_test_helper.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/json_schema.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/test_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/cim_tests/test_templates.py (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Alerts.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Authentication.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Certificates.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Change.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/DLP.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Email.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Endpoint.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Intrusion_Detection.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Malware.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Network_Resolution.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Network_Sessions.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Network_Traffic.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Updates.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Vulnerabilities.json (100%) rename pytest_splunk_addon/{standard_lib => }/data_models/Web.json (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/base_event_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/file_monitor_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/hec_event_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/hec_metric_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/hec_raw_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/ingestor_helper.py (100%) rename pytest_splunk_addon/{standard_lib => }/event_ingestors/sc4s_event_ingestor.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/field_bank.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/requirement_test_datamodel_tag_constants.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/sample_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/test_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/fields_tests/test_templates.py (100%) rename pytest_splunk_addon/{standard_lib => }/index_tests/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/index_tests/key_fields.py (100%) rename pytest_splunk_addon/{standard_lib => }/index_tests/test_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/index_tests/test_templates.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/pytest_splunk_addon_data_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/rule.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/sample_event.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/sample_generator.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/sample_stanza.py (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/sample_xdist_generator.py (99%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/schema.xsd (100%) rename pytest_splunk_addon/{standard_lib => }/sample_generation/time_parser.py (100%) delete mode 100644 pytest_splunk_addon/standard_lib/__init__.py rename pytest_splunk_addon/{standard_lib => }/utilities/__init__.py (100%) rename pytest_splunk_addon/{standard_lib => }/utilities/junit_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/utilities/log_helper.py (100%) rename pytest_splunk_addon/{standard_lib => }/utilities/sample_splitter.py (100%) rename pytest_splunk_addon/{standard_lib => }/utilities/xml_event_parser.py (100%) rename pytest_splunk_addon/{standard_lib => }/utils.py (100%) diff --git a/.licenserc.yaml b/.licenserc.yaml index 0b48976b..1cdaefb5 100644 --- a/.licenserc.yaml +++ b/.licenserc.yaml @@ -30,8 +30,8 @@ header: - "docs/**" - "tests/**" - ".*" - - "pytest_splunk_addon/standard_lib/**/*.json" - - "pytest_splunk_addon/standard_lib/**/*.xsd" + - "pytest_splunk_addon/**/*.json" + - "pytest_splunk_addon/**/*.xsd" - "MANIFEST.in" - "entrypoint.sh" - "renovate.json" diff --git a/docs/api_reference/addon_parser.md b/docs/api_reference/addon_parser.md index e6651b8c..efd8b1f2 100644 --- a/docs/api_reference/addon_parser.md +++ b/docs/api_reference/addon_parser.md @@ -1,41 +1,41 @@ # AddonParser -::: pytest_splunk_addon.standard_lib.addon_parser +::: pytest_splunk_addon.addon_parser handler: python ## PropsParser -::: pytest_splunk_addon.standard_lib.addon_parser.props_parser +::: pytest_splunk_addon.addon_parser.props_parser handler: python ## EventtypeParser -::: pytest_splunk_addon.standard_lib.addon_parser.eventtype_parser +::: pytest_splunk_addon.addon_parser.eventtype_parser handler: python ## Field -::: pytest_splunk_addon.standard_lib.addon_parser.fields +::: pytest_splunk_addon.addon_parser.fields handler: python ## TagsParser -::: pytest_splunk_addon.standard_lib.addon_parser.tags_parser +::: pytest_splunk_addon.addon_parser.tags_parser handler: python ## TransformsParser -::: pytest_splunk_addon.standard_lib.addon_parser.transforms_parser +::: pytest_splunk_addon.addon_parser.transforms_parser handler: python ## SavedsearchesParser -::: pytest_splunk_addon.standard_lib.addon_parser.savedsearches_parser +::: pytest_splunk_addon.addon_parser.savedsearches_parser handler: python diff --git a/docs/api_reference/api_reference.md b/docs/api_reference/api_reference.md index e592364b..3ba0593f 100644 --- a/docs/api_reference/api_reference.md +++ b/docs/api_reference/api_reference.md @@ -1,6 +1,6 @@ # API Documentation -::: pytest_splunk_addon.standard_lib +::: pytest_splunk_addon handler: python diff --git a/docs/api_reference/app_test_generator.md b/docs/api_reference/app_test_generator.md index f8bb7017..f338c194 100644 --- a/docs/api_reference/app_test_generator.md +++ b/docs/api_reference/app_test_generator.md @@ -1,4 +1,4 @@ # AppTestGenerator -::: pytest_splunk_addon.standard_lib.app_test_generator +::: pytest_splunk_addon.app_test_generator handler: python diff --git a/docs/api_reference/cim_tests.md b/docs/api_reference/cim_tests.md index 95353265..b4d86cb2 100644 --- a/docs/api_reference/cim_tests.md +++ b/docs/api_reference/cim_tests.md @@ -1,57 +1,57 @@ # CimTests -::: pytest_splunk_addon.standard_lib.cim_tests +::: pytest_splunk_addon.cim_tests handler: python ## TestTemplates -::: pytest_splunk_addon.standard_lib.cim_tests.test_templates +::: pytest_splunk_addon.cim_tests.test_templates handler: python ## TestGenerator -::: pytest_splunk_addon.standard_lib.cim_tests.test_generator +::: pytest_splunk_addon.cim_tests.test_generator handler: python ## DataModelHandler -::: pytest_splunk_addon.standard_lib.cim_tests.data_model_handler +::: pytest_splunk_addon.cim_tests.data_model_handler handler: python ## DataModel -::: pytest_splunk_addon.standard_lib.cim_tests.data_model +::: pytest_splunk_addon.cim_tests.data_model handler: python ## DataSet -::: pytest_splunk_addon.standard_lib.cim_tests.data_set +::: pytest_splunk_addon.cim_tests.data_set handler: python ## FieldTestAdapter -::: pytest_splunk_addon.standard_lib.cim_tests.field_test_adapter +::: pytest_splunk_addon.cim_tests.field_test_adapter handler: python ## FieldTestHelper -::: pytest_splunk_addon.standard_lib.cim_tests.field_test_helper +::: pytest_splunk_addon.cim_tests.field_test_helper handler: python ## JsonSchema -::: pytest_splunk_addon.standard_lib.cim_tests.json_schema +::: pytest_splunk_addon.cim_tests.json_schema handler: python ## BaseSchema -::: pytest_splunk_addon.standard_lib.cim_tests.base_schema +::: pytest_splunk_addon.cim_tests.base_schema handler: python diff --git a/docs/api_reference/event_ingestion.md b/docs/api_reference/event_ingestion.md index 2d7d2a69..4fd8281f 100644 --- a/docs/api_reference/event_ingestion.md +++ b/docs/api_reference/event_ingestion.md @@ -2,25 +2,25 @@ ## HEC Event Ingestor -::: pytest_splunk_addon.standard_lib.event_ingestors.hec_event_ingestor +::: pytest_splunk_addon.event_ingestors.hec_event_ingestor handler: python ## HEC Raw Ingestor -::: pytest_splunk_addon.standard_lib.event_ingestors.hec_raw_ingestor +::: pytest_splunk_addon.event_ingestors.hec_raw_ingestor handler: python ## SC4S Event Ingestor -::: pytest_splunk_addon.standard_lib.event_ingestors.sc4s_event_ingestor +::: pytest_splunk_addon.event_ingestors.sc4s_event_ingestor handler: python ## File Monitor Ingestor -::: pytest_splunk_addon.standard_lib.event_ingestors.file_monitor_ingestor +::: pytest_splunk_addon.event_ingestors.file_monitor_ingestor handler: python diff --git a/docs/api_reference/fields_tests.md b/docs/api_reference/fields_tests.md index 63d2816b..8c46b640 100644 --- a/docs/api_reference/fields_tests.md +++ b/docs/api_reference/fields_tests.md @@ -1,23 +1,23 @@ # FieldsTests -::: pytest_splunk_addon.standard_lib.fields_tests +::: pytest_splunk_addon.fields_tests handler: python ## TestTemplates -::: pytest_splunk_addon.standard_lib.fields_tests.test_templates +::: pytest_splunk_addon.fields_tests.test_templates handler: python ## TestGenerator -::: pytest_splunk_addon.standard_lib.fields_tests.test_generator +::: pytest_splunk_addon.fields_tests.test_generator handler: python ## FieldBank -::: pytest_splunk_addon.standard_lib.fields_tests.field_bank +::: pytest_splunk_addon.fields_tests.field_bank handler: python diff --git a/docs/api_reference/index_time_tests.md b/docs/api_reference/index_time_tests.md index 6acffdfa..79503c80 100644 --- a/docs/api_reference/index_time_tests.md +++ b/docs/api_reference/index_time_tests.md @@ -1,17 +1,17 @@ # IndexTimeTests -::: pytest_splunk_addon.standard_lib.index_tests +::: pytest_splunk_addon.index_tests handler: python ## TestTemplates -::: pytest_splunk_addon.standard_lib.index_tests.test_templates +::: pytest_splunk_addon.index_tests.test_templates handler: python ## TestGenerator -::: pytest_splunk_addon.standard_lib.index_tests.test_generator +::: pytest_splunk_addon.index_tests.test_generator handler: python diff --git a/docs/api_reference/sample_generation.md b/docs/api_reference/sample_generation.md index 67c52705..444e348b 100644 --- a/docs/api_reference/sample_generation.md +++ b/docs/api_reference/sample_generation.md @@ -2,22 +2,22 @@ ## PytestSplunkAddonDataParser -::: pytest_splunk_addon.standard_lib.sample_generation.pytest_splunk_addon_data_parser +::: pytest_splunk_addon.sample_generation.pytest_splunk_addon_data_parser handler: python ## SampleStanza -::: pytest_splunk_addon.standard_lib.sample_generation.sample_stanza +::: pytest_splunk_addon.sample_generation.sample_stanza handler: python ## SampleEvent -::: pytest_splunk_addon.standard_lib.sample_generation.sample_event +::: pytest_splunk_addon.sample_generation.sample_event handler: python ## Rule -::: pytest_splunk_addon.standard_lib.sample_generation.rule +::: pytest_splunk_addon.sample_generation.rule handler: python diff --git a/pyproject.toml b/pyproject.toml index e51f82a0..22899d7f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -59,9 +59,9 @@ pytz = "^2024.1" pytest11 = { plugin = "pytest_splunk_addon.plugin", "splunk" = "pytest_splunk_addon.splunk" } [tool.poetry.scripts] -cim-report = 'pytest_splunk_addon.standard_lib.utilities.junit_parser:main' +cim-report = 'pytest_splunk_addon.utilities.junit_parser:main' cim-field-report = 'pytest_splunk_addon.tools.cim_field_report:main' -sample_splitter = 'pytest_splunk_addon.standard_lib.utilities.sample_splitter:main' +sample_splitter = 'pytest_splunk_addon.utilities.sample_splitter:main' [build-system] requires = ["poetry>=1.0.2"] diff --git a/pytest_splunk_addon/standard_lib/CIM_Models/__init__.py b/pytest_splunk_addon/CIM_Models/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/CIM_Models/__init__.py rename to pytest_splunk_addon/CIM_Models/__init__.py diff --git a/pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py b/pytest_splunk_addon/CIM_Models/datamodel_definition.py similarity index 100% rename from pytest_splunk_addon/standard_lib/CIM_Models/datamodel_definition.py rename to pytest_splunk_addon/CIM_Models/datamodel_definition.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/__init__.py b/pytest_splunk_addon/addon_parser/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/__init__.py rename to pytest_splunk_addon/addon_parser/__init__.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/eventtype_parser.py b/pytest_splunk_addon/addon_parser/eventtype_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/eventtype_parser.py rename to pytest_splunk_addon/addon_parser/eventtype_parser.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/fields.py b/pytest_splunk_addon/addon_parser/fields.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/fields.py rename to pytest_splunk_addon/addon_parser/fields.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py b/pytest_splunk_addon/addon_parser/props_parser.py similarity index 99% rename from pytest_splunk_addon/standard_lib/addon_parser/props_parser.py rename to pytest_splunk_addon/addon_parser/props_parser.py index c85302d3..a44e831b 100644 --- a/pytest_splunk_addon/standard_lib/addon_parser/props_parser.py +++ b/pytest_splunk_addon/addon_parser/props_parser.py @@ -28,7 +28,7 @@ from .fields import convert_to_fields from .transforms_parser import TransformsParser -from pytest_splunk_addon.standard_lib import utils +from pytest_splunk_addon import utils LOGGER = logging.getLogger("pytest-splunk-addon") diff --git a/pytest_splunk_addon/standard_lib/addon_parser/savedsearches_parser.py b/pytest_splunk_addon/addon_parser/savedsearches_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/savedsearches_parser.py rename to pytest_splunk_addon/addon_parser/savedsearches_parser.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/tags_parser.py b/pytest_splunk_addon/addon_parser/tags_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/tags_parser.py rename to pytest_splunk_addon/addon_parser/tags_parser.py diff --git a/pytest_splunk_addon/standard_lib/addon_parser/transforms_parser.py b/pytest_splunk_addon/addon_parser/transforms_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/addon_parser/transforms_parser.py rename to pytest_splunk_addon/addon_parser/transforms_parser.py diff --git a/pytest_splunk_addon/standard_lib/app_test_generator.py b/pytest_splunk_addon/app_test_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/app_test_generator.py rename to pytest_splunk_addon/app_test_generator.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/__init__.py b/pytest_splunk_addon/cim_compliance/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/__init__.py rename to pytest_splunk_addon/cim_compliance/__init__.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/base_report.py b/pytest_splunk_addon/cim_compliance/base_report.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/base_report.py rename to pytest_splunk_addon/cim_compliance/base_report.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/base_table.py b/pytest_splunk_addon/cim_compliance/base_table.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/base_table.py rename to pytest_splunk_addon/cim_compliance/base_table.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/cim_report_generator.py b/pytest_splunk_addon/cim_compliance/cim_report_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/cim_report_generator.py rename to pytest_splunk_addon/cim_compliance/cim_report_generator.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/markdown_report.py b/pytest_splunk_addon/cim_compliance/markdown_report.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/markdown_report.py rename to pytest_splunk_addon/cim_compliance/markdown_report.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/markdown_table.py b/pytest_splunk_addon/cim_compliance/markdown_table.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/markdown_table.py rename to pytest_splunk_addon/cim_compliance/markdown_table.py diff --git a/pytest_splunk_addon/standard_lib/cim_compliance/plugin.py b/pytest_splunk_addon/cim_compliance/plugin.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_compliance/plugin.py rename to pytest_splunk_addon/cim_compliance/plugin.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/CommonFields.json b/pytest_splunk_addon/cim_tests/CommonFields.json similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/CommonFields.json rename to pytest_splunk_addon/cim_tests/CommonFields.json diff --git a/pytest_splunk_addon/standard_lib/cim_tests/DatamodelSchema.json b/pytest_splunk_addon/cim_tests/DatamodelSchema.json similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/DatamodelSchema.json rename to pytest_splunk_addon/cim_tests/DatamodelSchema.json diff --git a/pytest_splunk_addon/standard_lib/cim_tests/__init__.py b/pytest_splunk_addon/cim_tests/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/__init__.py rename to pytest_splunk_addon/cim_tests/__init__.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/base_schema.py b/pytest_splunk_addon/cim_tests/base_schema.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/base_schema.py rename to pytest_splunk_addon/cim_tests/base_schema.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/data_model.py b/pytest_splunk_addon/cim_tests/data_model.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/data_model.py rename to pytest_splunk_addon/cim_tests/data_model.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/data_model_handler.py b/pytest_splunk_addon/cim_tests/data_model_handler.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/data_model_handler.py rename to pytest_splunk_addon/cim_tests/data_model_handler.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/data_set.py b/pytest_splunk_addon/cim_tests/data_set.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/data_set.py rename to pytest_splunk_addon/cim_tests/data_set.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/field_test_adapter.py b/pytest_splunk_addon/cim_tests/field_test_adapter.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/field_test_adapter.py rename to pytest_splunk_addon/cim_tests/field_test_adapter.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/field_test_helper.py b/pytest_splunk_addon/cim_tests/field_test_helper.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/field_test_helper.py rename to pytest_splunk_addon/cim_tests/field_test_helper.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/json_schema.py b/pytest_splunk_addon/cim_tests/json_schema.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/json_schema.py rename to pytest_splunk_addon/cim_tests/json_schema.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/test_generator.py b/pytest_splunk_addon/cim_tests/test_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/test_generator.py rename to pytest_splunk_addon/cim_tests/test_generator.py diff --git a/pytest_splunk_addon/standard_lib/cim_tests/test_templates.py b/pytest_splunk_addon/cim_tests/test_templates.py similarity index 100% rename from pytest_splunk_addon/standard_lib/cim_tests/test_templates.py rename to pytest_splunk_addon/cim_tests/test_templates.py diff --git a/pytest_splunk_addon/standard_lib/data_models/Alerts.json b/pytest_splunk_addon/data_models/Alerts.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Alerts.json rename to pytest_splunk_addon/data_models/Alerts.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Authentication.json b/pytest_splunk_addon/data_models/Authentication.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Authentication.json rename to pytest_splunk_addon/data_models/Authentication.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Certificates.json b/pytest_splunk_addon/data_models/Certificates.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Certificates.json rename to pytest_splunk_addon/data_models/Certificates.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Change.json b/pytest_splunk_addon/data_models/Change.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Change.json rename to pytest_splunk_addon/data_models/Change.json diff --git a/pytest_splunk_addon/standard_lib/data_models/DLP.json b/pytest_splunk_addon/data_models/DLP.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/DLP.json rename to pytest_splunk_addon/data_models/DLP.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Email.json b/pytest_splunk_addon/data_models/Email.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Email.json rename to pytest_splunk_addon/data_models/Email.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Endpoint.json b/pytest_splunk_addon/data_models/Endpoint.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Endpoint.json rename to pytest_splunk_addon/data_models/Endpoint.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json b/pytest_splunk_addon/data_models/Intrusion_Detection.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Intrusion_Detection.json rename to pytest_splunk_addon/data_models/Intrusion_Detection.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Malware.json b/pytest_splunk_addon/data_models/Malware.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Malware.json rename to pytest_splunk_addon/data_models/Malware.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json b/pytest_splunk_addon/data_models/Network_Resolution.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Network_Resolution.json rename to pytest_splunk_addon/data_models/Network_Resolution.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Sessions.json b/pytest_splunk_addon/data_models/Network_Sessions.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Network_Sessions.json rename to pytest_splunk_addon/data_models/Network_Sessions.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json b/pytest_splunk_addon/data_models/Network_Traffic.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Network_Traffic.json rename to pytest_splunk_addon/data_models/Network_Traffic.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Updates.json b/pytest_splunk_addon/data_models/Updates.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Updates.json rename to pytest_splunk_addon/data_models/Updates.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Vulnerabilities.json b/pytest_splunk_addon/data_models/Vulnerabilities.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Vulnerabilities.json rename to pytest_splunk_addon/data_models/Vulnerabilities.json diff --git a/pytest_splunk_addon/standard_lib/data_models/Web.json b/pytest_splunk_addon/data_models/Web.json similarity index 100% rename from pytest_splunk_addon/standard_lib/data_models/Web.json rename to pytest_splunk_addon/data_models/Web.json diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/__init__.py b/pytest_splunk_addon/event_ingestors/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/__init__.py rename to pytest_splunk_addon/event_ingestors/__init__.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/base_event_ingestor.py b/pytest_splunk_addon/event_ingestors/base_event_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/base_event_ingestor.py rename to pytest_splunk_addon/event_ingestors/base_event_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/file_monitor_ingestor.py b/pytest_splunk_addon/event_ingestors/file_monitor_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/file_monitor_ingestor.py rename to pytest_splunk_addon/event_ingestors/file_monitor_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/hec_event_ingestor.py b/pytest_splunk_addon/event_ingestors/hec_event_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/hec_event_ingestor.py rename to pytest_splunk_addon/event_ingestors/hec_event_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/hec_metric_ingestor.py b/pytest_splunk_addon/event_ingestors/hec_metric_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/hec_metric_ingestor.py rename to pytest_splunk_addon/event_ingestors/hec_metric_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/hec_raw_ingestor.py b/pytest_splunk_addon/event_ingestors/hec_raw_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/hec_raw_ingestor.py rename to pytest_splunk_addon/event_ingestors/hec_raw_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/ingestor_helper.py b/pytest_splunk_addon/event_ingestors/ingestor_helper.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/ingestor_helper.py rename to pytest_splunk_addon/event_ingestors/ingestor_helper.py diff --git a/pytest_splunk_addon/standard_lib/event_ingestors/sc4s_event_ingestor.py b/pytest_splunk_addon/event_ingestors/sc4s_event_ingestor.py similarity index 100% rename from pytest_splunk_addon/standard_lib/event_ingestors/sc4s_event_ingestor.py rename to pytest_splunk_addon/event_ingestors/sc4s_event_ingestor.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/__init__.py b/pytest_splunk_addon/fields_tests/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/__init__.py rename to pytest_splunk_addon/fields_tests/__init__.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/field_bank.py b/pytest_splunk_addon/fields_tests/field_bank.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/field_bank.py rename to pytest_splunk_addon/fields_tests/field_bank.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/requirement_test_datamodel_tag_constants.py b/pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/requirement_test_datamodel_tag_constants.py rename to pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/sample_parser.py b/pytest_splunk_addon/fields_tests/sample_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/sample_parser.py rename to pytest_splunk_addon/fields_tests/sample_parser.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/test_generator.py b/pytest_splunk_addon/fields_tests/test_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/test_generator.py rename to pytest_splunk_addon/fields_tests/test_generator.py diff --git a/pytest_splunk_addon/standard_lib/fields_tests/test_templates.py b/pytest_splunk_addon/fields_tests/test_templates.py similarity index 100% rename from pytest_splunk_addon/standard_lib/fields_tests/test_templates.py rename to pytest_splunk_addon/fields_tests/test_templates.py diff --git a/pytest_splunk_addon/standard_lib/index_tests/__init__.py b/pytest_splunk_addon/index_tests/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/index_tests/__init__.py rename to pytest_splunk_addon/index_tests/__init__.py diff --git a/pytest_splunk_addon/standard_lib/index_tests/key_fields.py b/pytest_splunk_addon/index_tests/key_fields.py similarity index 100% rename from pytest_splunk_addon/standard_lib/index_tests/key_fields.py rename to pytest_splunk_addon/index_tests/key_fields.py diff --git a/pytest_splunk_addon/standard_lib/index_tests/test_generator.py b/pytest_splunk_addon/index_tests/test_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/index_tests/test_generator.py rename to pytest_splunk_addon/index_tests/test_generator.py diff --git a/pytest_splunk_addon/standard_lib/index_tests/test_templates.py b/pytest_splunk_addon/index_tests/test_templates.py similarity index 100% rename from pytest_splunk_addon/standard_lib/index_tests/test_templates.py rename to pytest_splunk_addon/index_tests/test_templates.py diff --git a/pytest_splunk_addon/plugin.py b/pytest_splunk_addon/plugin.py index 3acec80e..5b136c27 100644 --- a/pytest_splunk_addon/plugin.py +++ b/pytest_splunk_addon/plugin.py @@ -15,10 +15,11 @@ # import logging import pytest -from .standard_lib.sample_generation.sample_xdist_generator import SampleXdistGenerator + +from .app_test_generator import AppTestGenerator +from .sample_generation.sample_xdist_generator import SampleXdistGenerator import traceback -from .standard_lib import AppTestGenerator -from .standard_lib.cim_compliance import CIMReportPlugin +from .cim_compliance import CIMReportPlugin from filelock import FileLock LOG_FILE = "pytest_splunk_addon.log" diff --git a/pytest_splunk_addon/standard_lib/sample_generation/__init__.py b/pytest_splunk_addon/sample_generation/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/__init__.py rename to pytest_splunk_addon/sample_generation/__init__.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/pytest_splunk_addon_data_parser.py b/pytest_splunk_addon/sample_generation/pytest_splunk_addon_data_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/pytest_splunk_addon_data_parser.py rename to pytest_splunk_addon/sample_generation/pytest_splunk_addon_data_parser.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/rule.py b/pytest_splunk_addon/sample_generation/rule.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/rule.py rename to pytest_splunk_addon/sample_generation/rule.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/sample_event.py b/pytest_splunk_addon/sample_generation/sample_event.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/sample_event.py rename to pytest_splunk_addon/sample_generation/sample_event.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/sample_generator.py b/pytest_splunk_addon/sample_generation/sample_generator.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/sample_generator.py rename to pytest_splunk_addon/sample_generation/sample_generator.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/sample_stanza.py b/pytest_splunk_addon/sample_generation/sample_stanza.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/sample_stanza.py rename to pytest_splunk_addon/sample_generation/sample_stanza.py diff --git a/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py b/pytest_splunk_addon/sample_generation/sample_xdist_generator.py similarity index 99% rename from pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py rename to pytest_splunk_addon/sample_generation/sample_xdist_generator.py index b17427b6..7f797146 100644 --- a/pytest_splunk_addon/standard_lib/sample_generation/sample_xdist_generator.py +++ b/pytest_splunk_addon/sample_generation/sample_xdist_generator.py @@ -20,7 +20,7 @@ import json import pytest -from pytest_splunk_addon.standard_lib import utils +from pytest_splunk_addon import utils class SampleXdistGenerator: diff --git a/pytest_splunk_addon/standard_lib/sample_generation/schema.xsd b/pytest_splunk_addon/sample_generation/schema.xsd similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/schema.xsd rename to pytest_splunk_addon/sample_generation/schema.xsd diff --git a/pytest_splunk_addon/standard_lib/sample_generation/time_parser.py b/pytest_splunk_addon/sample_generation/time_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/sample_generation/time_parser.py rename to pytest_splunk_addon/sample_generation/time_parser.py diff --git a/pytest_splunk_addon/splunk.py b/pytest_splunk_addon/splunk.py index 271c998f..0bcd046d 100644 --- a/pytest_splunk_addon/splunk.py +++ b/pytest_splunk_addon/splunk.py @@ -26,13 +26,13 @@ from splunksplwrapper.manager.jobs import Jobs from splunksplwrapper.splunk.cloud import CloudSplunk from splunksplwrapper.SearchUtil import SearchUtil -from .standard_lib.event_ingestors import IngestorHelper +from .event_ingestors import IngestorHelper from .docker_class import Services -from .standard_lib.CIM_Models.datamodel_definition import datamodels +from .CIM_Models.datamodel_definition import datamodels import configparser from filelock import FileLock -from pytest_splunk_addon.standard_lib import utils +from pytest_splunk_addon import utils RESPONSIVE_SPLUNK_TIMEOUT = 300 # seconds diff --git a/pytest_splunk_addon/standard_lib/__init__.py b/pytest_splunk_addon/standard_lib/__init__.py deleted file mode 100644 index 04f9b8dc..00000000 --- a/pytest_splunk_addon/standard_lib/__init__.py +++ /dev/null @@ -1,37 +0,0 @@ -# -# Copyright 2024 Splunk Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# -*- coding: utf-8 -*- -""" -There are 3 types of tests included: - -1. Knowledge objects test cases -2. CIM Compatibility test cases -3. Index Time test cases - - -The test generation mechanism is divided into 3 types of class - -1. Tests: Test templates -2. TestGenerator: Generates the test cases using pytest.params -3. SampleGenerator: Generates the data for which the test cases will be executed. -4. EventIngestor: Ingests the generated data to Splunk. -5. Other utility classes like Add-on parser & Data model handlers. - -""" - -from .app_test_generator import AppTestGenerator -from .addon_basic import Basic -from .utilities import escape_char_event diff --git a/pytest_splunk_addon/standard_lib/addon_basic.py b/pytest_splunk_addon/standard_lib/addon_basic.py index 756f576b..8e29872c 100644 --- a/pytest_splunk_addon/standard_lib/addon_basic.py +++ b/pytest_splunk_addon/standard_lib/addon_basic.py @@ -19,10 +19,10 @@ field extractions and CIM compatibility. """ -from .fields_tests import FieldTestTemplates -from .cim_tests import CIMTestTemplates -from .index_tests import IndexTimeTestTemplate -from .utilities.log_helper import get_table_output +from ..fields_tests import FieldTestTemplates +from ..cim_tests import CIMTestTemplates +from ..index_tests import IndexTimeTestTemplate +from ..utilities.log_helper import get_table_output import pytest diff --git a/pytest_splunk_addon/tools/cim_field_report.py b/pytest_splunk_addon/tools/cim_field_report.py index f9d24560..b5a55a35 100644 --- a/pytest_splunk_addon/tools/cim_field_report.py +++ b/pytest_splunk_addon/tools/cim_field_report.py @@ -25,7 +25,7 @@ from splunksplwrapper.manager.jobs import Jobs from splunksplwrapper.splunk.cloud import CloudSplunk -from pytest_splunk_addon.standard_lib.addon_parser import AddonParser +from pytest_splunk_addon.addon_parser import AddonParser from splunklib import binding diff --git a/pytest_splunk_addon/standard_lib/utilities/__init__.py b/pytest_splunk_addon/utilities/__init__.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utilities/__init__.py rename to pytest_splunk_addon/utilities/__init__.py diff --git a/pytest_splunk_addon/standard_lib/utilities/junit_parser.py b/pytest_splunk_addon/utilities/junit_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utilities/junit_parser.py rename to pytest_splunk_addon/utilities/junit_parser.py diff --git a/pytest_splunk_addon/standard_lib/utilities/log_helper.py b/pytest_splunk_addon/utilities/log_helper.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utilities/log_helper.py rename to pytest_splunk_addon/utilities/log_helper.py diff --git a/pytest_splunk_addon/standard_lib/utilities/sample_splitter.py b/pytest_splunk_addon/utilities/sample_splitter.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utilities/sample_splitter.py rename to pytest_splunk_addon/utilities/sample_splitter.py diff --git a/pytest_splunk_addon/standard_lib/utilities/xml_event_parser.py b/pytest_splunk_addon/utilities/xml_event_parser.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utilities/xml_event_parser.py rename to pytest_splunk_addon/utilities/xml_event_parser.py diff --git a/pytest_splunk_addon/standard_lib/utils.py b/pytest_splunk_addon/utils.py similarity index 100% rename from pytest_splunk_addon/standard_lib/utils.py rename to pytest_splunk_addon/utils.py diff --git a/tests/e2e/test_cim_report.py b/tests/e2e/test_cim_report.py index 8c6fdef0..7612d12b 100644 --- a/tests/e2e/test_cim_report.py +++ b/tests/e2e/test_cim_report.py @@ -1,7 +1,7 @@ import pytest import os -from pytest_splunk_addon.standard_lib.cim_compliance import CIMReportGenerator +from pytest_splunk_addon.cim_compliance import CIMReportGenerator class TestCIMReport(object): diff --git a/tests/e2e/test_splunk_addon.py b/tests/e2e/test_splunk_addon.py index be4a131c..a9582041 100644 --- a/tests/e2e/test_splunk_addon.py +++ b/tests/e2e/test_splunk_addon.py @@ -4,7 +4,7 @@ import logging import pytest from tests.e2e import constants -from pytest_splunk_addon.standard_lib.sample_generation import SampleGenerator, Rule +from pytest_splunk_addon.sample_generation import SampleGenerator, Rule logger = logging.getLogger("test_pytest_splunk_addon") diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_eventtype_parser.py b/tests/unit/tests_standard_lib/test_addon_parser/test_eventtype_parser.py index 2b826848..313deded 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_eventtype_parser.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_eventtype_parser.py @@ -1,5 +1,5 @@ from unittest.mock import patch, mock_open -from pytest_splunk_addon.standard_lib.addon_parser.eventtype_parser import ( +from pytest_splunk_addon.addon_parser.eventtype_parser import ( EventTypeParser, ) diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_fields.py b/tests/unit/tests_standard_lib/test_addon_parser/test_fields.py index 4da3850b..0209aa0c 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_fields.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_fields.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import MagicMock, call -from pytest_splunk_addon.standard_lib.addon_parser.fields import ( +from pytest_splunk_addon.addon_parser.fields import ( Field, convert_to_fields, ) @@ -53,9 +53,7 @@ def default_field(field_json): def field_mock(monkeypatch): field_mock = MagicMock() field_mock.return_value = TEST_VALUE - monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.addon_parser.fields.Field", field_mock - ) + monkeypatch.setattr("pytest_splunk_addon.addon_parser.fields.Field", field_mock) return field_mock diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_props_parser.py b/tests/unit/tests_standard_lib/test_addon_parser/test_props_parser.py index b7204478..1b27d35a 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_props_parser.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_props_parser.py @@ -2,10 +2,10 @@ import pytest -from pytest_splunk_addon.standard_lib.addon_parser.props_parser import ( +from pytest_splunk_addon.addon_parser.props_parser import ( PropsParser, ) -from pytest_splunk_addon.standard_lib.addon_parser.fields import Field +from pytest_splunk_addon.addon_parser.fields import Field @pytest.fixture() diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_pytest_addon_init.py b/tests/unit/tests_standard_lib/test_addon_parser/test_pytest_addon_init.py index 037138f1..84ff2a20 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_pytest_addon_init.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_pytest_addon_init.py @@ -8,7 +8,7 @@ EVENTTYPE_RETURN_VALUE = "Eventtype_return_value" SAVEDSEARCH_RETURN_VALUE = "Savedsearch_return_value" TEST_VALUE = "Test_value" -ADDON_PARSER_PATH = "pytest_splunk_addon.standard_lib.addon_parser" +ADDON_PARSER_PATH = "pytest_splunk_addon.addon_parser" @pytest.fixture @@ -24,10 +24,10 @@ def addonparser(): tags_mock.return_value = TAGS_RETURN_VALUE eventtype_mock.return_value = EVENTTYPE_RETURN_VALUE savedsearch_mock.return_value = SAVEDSEARCH_RETURN_VALUE - import pytest_splunk_addon.standard_lib.addon_parser + import pytest_splunk_addon.addon_parser - importlib.reload(pytest_splunk_addon.standard_lib.addon_parser) - return pytest_splunk_addon.standard_lib.addon_parser.AddonParser + importlib.reload(pytest_splunk_addon.addon_parser) + return pytest_splunk_addon.addon_parser.AddonParser def test_addonparser_init(addonparser): diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_savedsearches_parser.py b/tests/unit/tests_standard_lib/test_addon_parser/test_savedsearches_parser.py index b1ea73e3..93438054 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_savedsearches_parser.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_savedsearches_parser.py @@ -1,5 +1,5 @@ from unittest.mock import patch, mock_open -from pytest_splunk_addon.standard_lib.addon_parser.savedsearches_parser import ( +from pytest_splunk_addon.addon_parser.savedsearches_parser import ( SavedSearchParser, ) diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_tags_parser.py b/tests/unit/tests_standard_lib/test_addon_parser/test_tags_parser.py index 3d66b642..530dc280 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_tags_parser.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_tags_parser.py @@ -3,7 +3,7 @@ import pytest -from pytest_splunk_addon.standard_lib.addon_parser.tags_parser import ( +from pytest_splunk_addon.addon_parser.tags_parser import ( TagsParser, ) diff --git a/tests/unit/tests_standard_lib/test_addon_parser/test_transforms_parser.py b/tests/unit/tests_standard_lib/test_addon_parser/test_transforms_parser.py index dba60a1c..18d6497c 100644 --- a/tests/unit/tests_standard_lib/test_addon_parser/test_transforms_parser.py +++ b/tests/unit/tests_standard_lib/test_addon_parser/test_transforms_parser.py @@ -4,10 +4,10 @@ from unittest.mock import patch, mock_open from collections import namedtuple -from pytest_splunk_addon.standard_lib.addon_parser.transforms_parser import ( +from pytest_splunk_addon.addon_parser.transforms_parser import ( TransformsParser, ) -from pytest_splunk_addon.standard_lib.addon_parser.fields import Field +from pytest_splunk_addon.addon_parser.fields import Field @pytest.mark.parametrize( diff --git a/tests/unit/tests_standard_lib/test_app_test_generator.py b/tests/unit/tests_standard_lib/test_app_test_generator.py index 03d91036..a22821e9 100644 --- a/tests/unit/tests_standard_lib/test_app_test_generator.py +++ b/tests/unit/tests_standard_lib/test_app_test_generator.py @@ -1,9 +1,9 @@ import pytest from unittest.mock import patch from collections import namedtuple -from pytest_splunk_addon.standard_lib.app_test_generator import AppTestGenerator +from pytest_splunk_addon.app_test_generator import AppTestGenerator -module = "pytest_splunk_addon.standard_lib.app_test_generator" +module = "pytest_splunk_addon.app_test_generator" config = { "splunk_app": "fake_app", "field_bank": "fake_field_bank", diff --git a/tests/unit/tests_standard_lib/test_cim_compliance/test_cim_report_generator.py b/tests/unit/tests_standard_lib/test_cim_compliance/test_cim_report_generator.py index 55b170d2..95085ba6 100644 --- a/tests/unit/tests_standard_lib/test_cim_compliance/test_cim_report_generator.py +++ b/tests/unit/tests_standard_lib/test_cim_compliance/test_cim_report_generator.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import MagicMock, patch, call from collections import Counter -from pytest_splunk_addon.standard_lib.cim_compliance.cim_report_generator import ( +from pytest_splunk_addon.cim_compliance.cim_report_generator import ( CIMReportGenerator, NOT_SUPPORTED_DATAMODELS, ) @@ -20,7 +20,7 @@ def markdown_table_mock(monkeypatch): mdt.return_value = mdt mdt.return_table_str.return_value = "| table |" monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_compliance.cim_report_generator.MarkdownTable", + "pytest_splunk_addon.cim_compliance.cim_report_generator.MarkdownTable", mdt, ) return mdt diff --git a/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_report.py b/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_report.py index 70cf0f49..5fd34cde 100644 --- a/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_report.py +++ b/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_report.py @@ -1,6 +1,6 @@ import pytest from unittest.mock import call -from pytest_splunk_addon.standard_lib.cim_compliance.markdown_report import ( +from pytest_splunk_addon.cim_compliance.markdown_report import ( MarkDownReport, ) diff --git a/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_table.py b/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_table.py index 64814267..48c34898 100644 --- a/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_table.py +++ b/tests/unit/tests_standard_lib/test_cim_compliance/test_markdown_table.py @@ -1,6 +1,6 @@ import pytest from unittest.mock import patch -from pytest_splunk_addon.standard_lib.cim_compliance.markdown_table import MarkdownTable +from pytest_splunk_addon.cim_compliance.markdown_table import MarkdownTable @pytest.fixture() diff --git a/tests/unit/tests_standard_lib/test_cim_compliance/test_plugin.py b/tests/unit/tests_standard_lib/test_cim_compliance/test_plugin.py index a0d674e2..d1a6df3e 100644 --- a/tests/unit/tests_standard_lib/test_cim_compliance/test_plugin.py +++ b/tests/unit/tests_standard_lib/test_cim_compliance/test_plugin.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import MagicMock, call from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_compliance.plugin import CIMReportPlugin +from pytest_splunk_addon.cim_compliance.plugin import CIMReportPlugin config = namedtuple("Config", ["getoption"]) cim_config = config(getoption=lambda x: f"path_{x}") @@ -55,7 +55,7 @@ def cim_report_generator_mock(monkeypatch): crg = MagicMock() crg.return_value = crg monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_compliance.plugin.CIMReportGenerator", + "pytest_splunk_addon.cim_compliance.plugin.CIMReportGenerator", crg, ) return crg diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_data_model.py b/tests/unit/tests_standard_lib/test_cim_tests/test_data_model.py index bd7eae02..f22f7b9a 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_data_model.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_data_model.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import patch, MagicMock, call from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.data_model import DataModel +from pytest_splunk_addon.cim_tests.data_model import DataModel @pytest.fixture() @@ -10,7 +10,7 @@ def data_set_mock(monkeypatch): data_set_mock.return_value = data_set_mock data_set_mock.load_dataset.return_value = ["dataset1", "dataset2"] monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.data_model.DataSet", data_set_mock + "pytest_splunk_addon.cim_tests.data_model.DataSet", data_set_mock ) return data_set_mock diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_data_model_handler.py b/tests/unit/tests_standard_lib/test_cim_tests/test_data_model_handler.py index 1c51c7ca..66a14379 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_data_model_handler.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_data_model_handler.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import MagicMock, call, patch, PropertyMock from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.data_model_handler import ( +from pytest_splunk_addon.cim_tests.data_model_handler import ( DataModelHandler, ) @@ -19,7 +19,7 @@ def data_model_mock(monkeypatch): dm = MagicMock() dm.side_effect = ["data_model_instance_1", "data_model_instance_2"] monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.data_model_handler.DataModel", dm + "pytest_splunk_addon.cim_tests.data_model_handler.DataModel", dm ) return dm @@ -29,7 +29,7 @@ def json_schema_mock(monkeypatch): js = MagicMock() js.parse_data_model.side_effect = ["parsed_data_model_1", "parsed_data_model_2"] monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.data_model_handler.JSONSchema", js + "pytest_splunk_addon.cim_tests.data_model_handler.JSONSchema", js ) return js diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_data_set.py b/tests/unit/tests_standard_lib/test_cim_tests/test_data_set.py index 885ba5d1..4b556388 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_data_set.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_data_set.py @@ -1,14 +1,14 @@ import pytest from unittest.mock import patch, call from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.data_set import DataSet +from pytest_splunk_addon.cim_tests.data_set import DataSet field = namedtuple("Field", ["name"]) @pytest.fixture() def mocked_dataset_constructor(): - from pytest_splunk_addon.standard_lib.cim_tests.data_set import Field + from pytest_splunk_addon.cim_tests.data_set import Field with patch.object( DataSet, "load_dataset", return_value=("child_dataset1", "child_dataset2") diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_adapter.py b/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_adapter.py index 089ee533..938cafca 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_adapter.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_adapter.py @@ -1,6 +1,6 @@ import pytest from unittest.mock import MagicMock, patch -from pytest_splunk_addon.standard_lib.cim_tests.field_test_adapter import ( +from pytest_splunk_addon.cim_tests.field_test_adapter import ( FieldTestAdapter, ) @@ -8,9 +8,7 @@ @pytest.fixture() def field_mock(monkeypatch): field = MagicMock() - monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.field_test_adapter.Field", field - ) + monkeypatch.setattr("pytest_splunk_addon.cim_tests.field_test_adapter.Field", field) return field diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_helper.py b/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_helper.py index 73aac1ea..e3f10625 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_helper.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_field_test_helper.py @@ -1,8 +1,8 @@ import pytest from unittest.mock import patch, MagicMock from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.field_test_helper import FieldTestHelper -from pytest_splunk_addon.standard_lib.utilities.log_helper import get_table_output +from pytest_splunk_addon.cim_tests.field_test_helper import FieldTestHelper +from pytest_splunk_addon.utilities.log_helper import get_table_output field = namedtuple( @@ -26,7 +26,7 @@ def field_test_adapter_mock(monkeypatch): fta_mock.VALID_FIELD_COUNT = "{}_valid_count" fta_mock.INVALID_FIELD_VALUES = "{}_invalid_values" monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.field_test_helper.FieldTestAdapter", + "pytest_splunk_addon.cim_tests.field_test_helper.FieldTestAdapter", fta_mock, ) @@ -285,7 +285,7 @@ def table_output(headers, value_list): return output with patch( - "pytest_splunk_addon.standard_lib.cim_tests.field_test_helper.get_table_output", + "pytest_splunk_addon.cim_tests.field_test_helper.get_table_output", side_effect=table_output, ): assert mocked_field_test_helper.format_exc_message() == expected_output diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_json_schema.py b/tests/unit/tests_standard_lib/test_cim_tests/test_json_schema.py index 74bc2aa3..8476515f 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_json_schema.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_json_schema.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import mock_open, MagicMock, patch from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.json_schema import JSONSchema +from pytest_splunk_addon.cim_tests.json_schema import JSONSchema error = namedtuple("ValidationError", ["path", "instance", "message"]) @@ -9,9 +9,7 @@ @pytest.fixture() def validator_mock(monkeypatch): - with patch( - "pytest_splunk_addon.standard_lib.cim_tests.json_schema.Draft7Validator" - ): + with patch("pytest_splunk_addon.cim_tests.json_schema.Draft7Validator"): yield @@ -36,7 +34,7 @@ def validator_mock_with_error(request): d7v_mock.return_value = d7v_mock d7v_mock.iter_errors.return_value = request.param[0] with patch( - "pytest_splunk_addon.standard_lib.cim_tests.json_schema.Draft7Validator", + "pytest_splunk_addon.cim_tests.json_schema.Draft7Validator", d7v_mock, ): yield request.param[1] @@ -51,7 +49,7 @@ def validator_mock_raises_decode_error(): from json.decoder import JSONDecodeError with patch( - "pytest_splunk_addon.standard_lib.cim_tests.json_schema.Draft7Validator", + "pytest_splunk_addon.cim_tests.json_schema.Draft7Validator", MagicMock(side_effect=JSONDecodeError("error", doc, 9)), ): yield diff --git a/tests/unit/tests_standard_lib/test_cim_tests/test_test_generator.py b/tests/unit/tests_standard_lib/test_cim_tests/test_test_generator.py index ab5485e6..2f5758d6 100644 --- a/tests/unit/tests_standard_lib/test_cim_tests/test_test_generator.py +++ b/tests/unit/tests_standard_lib/test_cim_tests/test_test_generator.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import patch, MagicMock from collections import namedtuple -from pytest_splunk_addon.standard_lib.cim_tests.test_generator import CIMTestGenerator +from pytest_splunk_addon.cim_tests.test_generator import CIMTestGenerator field = namedtuple("Field", ["type", "name"], defaults=["", ""]) data_set = namedtuple("DataSet", ["fields", "fields_cluster"]) @@ -28,9 +28,7 @@ def mocked_cim_test_generator(): @pytest.fixture() def field_mock(monkeypatch): field = MagicMock() - monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.cim_tests.test_generator.Field", field - ) + monkeypatch.setattr("pytest_splunk_addon.cim_tests.test_generator.Field", field) return field @@ -88,10 +86,10 @@ def fake_addon_parser(): ) def test_cim_test_generator_instantiation(args): with patch( - "pytest_splunk_addon.standard_lib.cim_tests.test_generator.DataModelHandler", + "pytest_splunk_addon.cim_tests.test_generator.DataModelHandler", return_value="DATA_MODEL_HANDLER_RETURN_VALUE", ) as dtm_mock, patch( - "pytest_splunk_addon.standard_lib.cim_tests.test_generator.AddonParser", + "pytest_splunk_addon.cim_tests.test_generator.AddonParser", return_value="ADDON_PARSER_RETURN_VALUE", ) as ap_mock: cim = CIMTestGenerator(*args) @@ -102,7 +100,7 @@ def test_cim_test_generator_instantiation(args): if len(args) == 3: assert cim.test_field_type == ["required", "conditional"] assert ( - "pytest_splunk_addon/standard_lib/cim_tests/CommonFields.json" + "pytest_splunk_addon/cim_tests/CommonFields.json" in cim.common_fields_path ) else: diff --git a/tests/unit/tests_standard_lib/test_event_ingestors/test_file_monitor_ingestor.py b/tests/unit/tests_standard_lib/test_event_ingestors/test_file_monitor_ingestor.py index 293e662a..fd94f41e 100644 --- a/tests/unit/tests_standard_lib/test_event_ingestors/test_file_monitor_ingestor.py +++ b/tests/unit/tests_standard_lib/test_event_ingestors/test_file_monitor_ingestor.py @@ -4,11 +4,11 @@ from requests.exceptions import ConnectionError from collections import namedtuple from os import sep as os_sep -from pytest_splunk_addon.standard_lib.event_ingestors.file_monitor_ingestor import ( +from pytest_splunk_addon.event_ingestors.file_monitor_ingestor import ( FileMonitorEventIngestor, ) -file_name = "pytest_splunk_addon.standard_lib.event_ingestors.file_monitor_ingestor" +file_name = "pytest_splunk_addon.event_ingestors.file_monitor_ingestor" required_config = { "uf_host": "localhost", "uf_port": "8888", diff --git a/tests/unit/tests_standard_lib/test_event_ingestors/test_hec_event_metric_raw_ingestor.py b/tests/unit/tests_standard_lib/test_event_ingestors/test_hec_event_metric_raw_ingestor.py index bf2083c2..247156d7 100644 --- a/tests/unit/tests_standard_lib/test_event_ingestors/test_hec_event_metric_raw_ingestor.py +++ b/tests/unit/tests_standard_lib/test_event_ingestors/test_hec_event_metric_raw_ingestor.py @@ -1,11 +1,11 @@ import pytest -from pytest_splunk_addon.standard_lib.event_ingestors.hec_event_ingestor import ( +from pytest_splunk_addon.event_ingestors.hec_event_ingestor import ( HECEventIngestor, ) -from pytest_splunk_addon.standard_lib.event_ingestors.hec_metric_ingestor import ( +from pytest_splunk_addon.event_ingestors.hec_metric_ingestor import ( HECMetricEventIngestor, ) -from pytest_splunk_addon.standard_lib.event_ingestors.hec_raw_ingestor import ( +from pytest_splunk_addon.event_ingestors.hec_raw_ingestor import ( HECRawEventIngestor, ) from urllib.parse import unquote diff --git a/tests/unit/tests_standard_lib/test_event_ingestors/test_ingestor_helper.py b/tests/unit/tests_standard_lib/test_event_ingestors/test_ingestor_helper.py index 63fe7216..3d9a37dc 100644 --- a/tests/unit/tests_standard_lib/test_event_ingestors/test_ingestor_helper.py +++ b/tests/unit/tests_standard_lib/test_event_ingestors/test_ingestor_helper.py @@ -1,10 +1,10 @@ import importlib import pytest from unittest.mock import patch, MagicMock, call -import pytest_splunk_addon.standard_lib.event_ingestors as event_ingestors +import pytest_splunk_addon.event_ingestors as event_ingestors -EVENT_INGESTOR_PATH = "pytest_splunk_addon.standard_lib.event_ingestors" +EVENT_INGESTOR_PATH = "pytest_splunk_addon.event_ingestors" HEC_EVENT_INGESTOR_RETURN_VALUE = "hec_event_ingestor_return_value" HEC_RAW_EVENT_INGESTOR_RETURN_VALUE = "hec_raw_event_ingestor_return_value" HEC_METRIC_EVENT_INGESTOR_RETURN_VALUE = "hec_metric_event_ingestor_return_value" @@ -66,7 +66,7 @@ def sample_mock(monkeypatch, tokenized_events): "tokenized_events": tokenized_events, } monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.event_ingestors.ingestor_helper.SampleXdistGenerator", + "pytest_splunk_addon.event_ingestors.ingestor_helper.SampleXdistGenerator", sample_mock, ) return sample_mock @@ -78,7 +78,7 @@ def requirement_mock(monkeypatch, requirement_events): req_mock.return_value = req_mock req_mock.get_events.return_value = requirement_events monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.event_ingestors.ingestor_helper.RequirementEventIngestor", + "pytest_splunk_addon.event_ingestors.ingestor_helper.RequirementEventIngestor", req_mock, ) return req_mock diff --git a/tests/unit/tests_standard_lib/test_event_ingestors/test_sc4s_event_ingestor.py b/tests/unit/tests_standard_lib/test_event_ingestors/test_sc4s_event_ingestor.py index 5da8476f..0e4246e1 100644 --- a/tests/unit/tests_standard_lib/test_event_ingestors/test_sc4s_event_ingestor.py +++ b/tests/unit/tests_standard_lib/test_event_ingestors/test_sc4s_event_ingestor.py @@ -1,6 +1,6 @@ import pytest from unittest.mock import MagicMock, call -from pytest_splunk_addon.standard_lib.event_ingestors.sc4s_event_ingestor import ( +from pytest_splunk_addon.event_ingestors.sc4s_event_ingestor import ( SC4SEventIngestor, ) @@ -39,7 +39,7 @@ def socket_mock(monkeypatch): @pytest.fixture() def sleep_mock(monkeypatch): monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.event_ingestors.sc4s_event_ingestor.sleep", + "pytest_splunk_addon.event_ingestors.sc4s_event_ingestor.sleep", MagicMock(), ) diff --git a/tests/unit/tests_standard_lib/test_fields_tests/test_field_bank.py b/tests/unit/tests_standard_lib/test_fields_tests/test_field_bank.py index 256e1ed0..55e43fbd 100644 --- a/tests/unit/tests_standard_lib/test_fields_tests/test_field_bank.py +++ b/tests/unit/tests_standard_lib/test_fields_tests/test_field_bank.py @@ -1,15 +1,13 @@ import pytest from unittest.mock import MagicMock -from pytest_splunk_addon.standard_lib.fields_tests.field_bank import FieldBank +from pytest_splunk_addon.fields_tests.field_bank import FieldBank @pytest.fixture() def field_mock(monkeypatch): field_mock = MagicMock() field_mock.parse_fields.return_value = ["field1", "field_3"] - monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.fields_tests.field_bank.Field", field_mock - ) + monkeypatch.setattr("pytest_splunk_addon.fields_tests.field_bank.Field", field_mock) return field_mock @@ -18,7 +16,7 @@ def props_parser_mock(monkeypatch): props_parser_mock = MagicMock() props_parser_mock.get_list_of_sources.return_value = ["utility.log", "sys.log"] monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.fields_tests.field_bank.PropsParser", + "pytest_splunk_addon.fields_tests.field_bank.PropsParser", props_parser_mock, ) return props_parser_mock diff --git a/tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py b/tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py index ad287bb8..c0508166 100644 --- a/tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py +++ b/tests/unit/tests_standard_lib/test_fields_tests/test_test_generator.py @@ -1,6 +1,6 @@ import pytest from unittest.mock import patch, MagicMock -from pytest_splunk_addon.standard_lib.fields_tests.test_generator import ( +from pytest_splunk_addon.fields_tests.test_generator import ( FieldTestGenerator, ) @@ -27,7 +27,7 @@ def addon_parser_mock(monkeypatch): ap = MagicMock() ap.return_value = ap monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.fields_tests.test_generator.AddonParser", ap + "pytest_splunk_addon.fields_tests.test_generator.AddonParser", ap ) return ap @@ -35,9 +35,7 @@ def addon_parser_mock(monkeypatch): @pytest.fixture() def field_bank_mock(monkeypatch): fb = MagicMock() - monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.fields_tests.test_generator.FieldBank", fb - ) + monkeypatch.setattr("pytest_splunk_addon.fields_tests.test_generator.FieldBank", fb) return fb diff --git a/tests/unit/tests_standard_lib/test_index_tests/test_test_generator.py b/tests/unit/tests_standard_lib/test_index_tests/test_test_generator.py index a60efde1..f655ad45 100644 --- a/tests/unit/tests_standard_lib/test_index_tests/test_test_generator.py +++ b/tests/unit/tests_standard_lib/test_index_tests/test_test_generator.py @@ -2,11 +2,11 @@ from unittest.mock import patch, call from collections import namedtuple from copy import deepcopy -from pytest_splunk_addon.standard_lib.index_tests.test_generator import ( +from pytest_splunk_addon.index_tests.test_generator import ( IndexTimeTestGenerator, ) -module = "pytest_splunk_addon.standard_lib.index_tests.test_generator" +module = "pytest_splunk_addon.index_tests.test_generator" sample_event = namedtuple( "SampleEvent", ["metadata", "key_fields", "sample_name", "time_values"], diff --git a/tests/unit/tests_standard_lib/test_utilities/test_junit_parser.py b/tests/unit/tests_standard_lib/test_utilities/test_junit_parser.py index 2091d3ad..c3e5ba56 100644 --- a/tests/unit/tests_standard_lib/test_utilities/test_junit_parser.py +++ b/tests/unit/tests_standard_lib/test_utilities/test_junit_parser.py @@ -2,7 +2,7 @@ import tempfile import pytest -from pytest_splunk_addon.standard_lib.utilities.junit_parser import JunitParser +from pytest_splunk_addon.utilities.junit_parser import JunitParser def test_parse_junit_raises_exception_when_not_fields_are_present_in_testcase(): diff --git a/tests/unit/tests_standard_lib/test_utilities/test_log_helper.py b/tests/unit/tests_standard_lib/test_utilities/test_log_helper.py index 627792f7..d058f2b9 100644 --- a/tests/unit/tests_standard_lib/test_utilities/test_log_helper.py +++ b/tests/unit/tests_standard_lib/test_utilities/test_log_helper.py @@ -1,7 +1,7 @@ import pytest from unittest.mock import patch, MagicMock -from pytest_splunk_addon.standard_lib.utilities.log_helper import get_table_output -from pytest_splunk_addon.standard_lib.utilities.log_helper import ( +from pytest_splunk_addon.utilities.log_helper import get_table_output +from pytest_splunk_addon.utilities.log_helper import ( format_search_query_log, ) diff --git a/tests/unit/tests_standard_lib/test_utilities/test_xml_event_parser.py b/tests/unit/tests_standard_lib/test_utilities/test_xml_event_parser.py index 5caa32c9..e8932109 100644 --- a/tests/unit/tests_standard_lib/test_utilities/test_xml_event_parser.py +++ b/tests/unit/tests_standard_lib/test_utilities/test_xml_event_parser.py @@ -1,6 +1,6 @@ import pytest -from pytest_splunk_addon.standard_lib.utilities.xml_event_parser import ( +from pytest_splunk_addon.utilities.xml_event_parser import ( strip_syslog_header, escape_char_event, ) diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_pytest_splunk_addon_data_parser.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_pytest_splunk_addon_data_parser.py index 0d7a9ef4..ce9130c7 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_pytest_splunk_addon_data_parser.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_pytest_splunk_addon_data_parser.py @@ -3,7 +3,7 @@ import pytest -from pytest_splunk_addon.standard_lib.sample_generation import ( +from pytest_splunk_addon.sample_generation import ( PytestSplunkAddonDataParser, ) diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_rule.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_rule.py index 34a58297..a35e8f84 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_rule.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_rule.py @@ -5,7 +5,7 @@ from freezegun import freeze_time from unittest.mock import MagicMock, call, patch, mock_open, ANY -import pytest_splunk_addon.standard_lib.sample_generation.rule +import pytest_splunk_addon.sample_generation.rule TOKEN_DATA = "token_data" FIELD = "Field" @@ -61,21 +61,19 @@ def token(replacement=REPL, replacement_type=STATIC): def get_patch(func, return_value): return patch( - f"pytest_splunk_addon.standard_lib.sample_generation.rule.{func}", + f"pytest_splunk_addon.sample_generation.rule.{func}", MagicMock(return_value=return_value), ) def test_raise_warning(caplog): warning_message = "Warning_message" - pytest_splunk_addon.standard_lib.sample_generation.rule.raise_warning( - warning_message - ) + pytest_splunk_addon.sample_generation.rule.raise_warning(warning_message) assert caplog.messages == [warning_message] def get_rule_class(name): - rule_module = pytest_splunk_addon.standard_lib.sample_generation.rule + rule_module = pytest_splunk_addon.sample_generation.rule rule_classes = { INT: rule_module.IntRule, FLOAT: rule_module.FloatRule, @@ -118,7 +116,7 @@ def func(token_count=1): class TestRule: @pytest.fixture def rule(self): - return pytest_splunk_addon.standard_lib.sample_generation.rule.Rule(token()) + return pytest_splunk_addon.sample_generation.rule.Rule(token()) @pytest.fixture def mock_class(self, monkeypatch): @@ -126,7 +124,7 @@ def func(class_to_mock): class_mock = MagicMock() class_mock.return_value = RETURN_VALUE monkeypatch.setattr( - f"pytest_splunk_addon.standard_lib.sample_generation.rule.{class_to_mock}", + f"pytest_splunk_addon.sample_generation.rule.{class_to_mock}", class_mock, ) return class_mock @@ -198,7 +196,7 @@ def test_apply_replacement_type_all(self, mock_class, event): replace_mock = MagicMock() token_values = [[TokenValue(1)], [TokenValue(2)]] replace_mock.side_effect = token_values - rule = pytest_splunk_addon.standard_lib.sample_generation.rule.Rule( + rule = pytest_splunk_addon.sample_generation.rule.Rule( token(replacement_type=ALL) ) rule.replace = replace_mock @@ -206,10 +204,7 @@ def test_apply_replacement_type_all(self, mock_class, event): event2 = event() events = [event1, event2] assert rule.apply(events) == [return_event_1, return_event_2] - assert ( - pytest_splunk_addon.standard_lib.sample_generation.rule.event_host_count - == 2 - ) + assert pytest_splunk_addon.sample_generation.rule.event_host_count == 2 for e, tv in zip( [return_event_1, return_event_2], [TokenValue(1), TokenValue(2)] ): @@ -220,7 +215,7 @@ def test_apply_replacement_type_not_all(self, event): replace_mock = MagicMock() token_values = [[TokenValue(1)], [TokenValue(2)], [TokenValue(3)]] replace_mock.side_effect = token_values - rule = pytest_splunk_addon.standard_lib.sample_generation.rule.Rule( + rule = pytest_splunk_addon.sample_generation.rule.Rule( token(replacement_type=RANDOM) ) rule.replace = replace_mock @@ -256,9 +251,7 @@ def validate(value_list, index_list, csv, email_count, result_csv): index_list, csv, ) - pytest_splunk_addon.standard_lib.sample_generation.rule.user_email_count = ( - email_count - ) + pytest_splunk_addon.sample_generation.rule.user_email_count = email_count assert eve.replacement_map == {test_key: result_csv} csv_row_1 = create_csv("1") @@ -284,16 +277,10 @@ def test_get_rule_replacement_values(self, rule, value_list, expected): assert rule.get_rule_replacement_values(sample, value_list, ANY) == expected def test_clean_rules(self, rule): - pytest_splunk_addon.standard_lib.sample_generation.rule.event_host_count = 25 - assert ( - pytest_splunk_addon.standard_lib.sample_generation.rule.event_host_count - == 25 - ) + pytest_splunk_addon.sample_generation.rule.event_host_count = 25 + assert pytest_splunk_addon.sample_generation.rule.event_host_count == 25 rule.clean_rules() - assert ( - pytest_splunk_addon.standard_lib.sample_generation.rule.event_host_count - == 0 - ) + assert pytest_splunk_addon.sample_generation.rule.event_host_count == 0 @pytest.mark.parametrize( @@ -358,7 +345,7 @@ def test_rule( ) eve = event() monkeypatch.setattr( - pytest_splunk_addon.standard_lib.sample_generation.rule, + pytest_splunk_addon.sample_generation.rule, to_mock, MagicMock(return_value=ret_value), ) diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_event.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_event.py index f4d157af..c2fa5156 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_event.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_event.py @@ -3,7 +3,7 @@ from collections import namedtuple from unittest.mock import patch, MagicMock -import pytest_splunk_addon.standard_lib.sample_generation.sample_event +import pytest_splunk_addon.sample_generation.sample_event EVENT_STRING = "Event_string dad ad dfd ddas Value_5." UPDATED_STRING = "Updated_string" @@ -25,10 +25,8 @@ def samp_eve(): ip_mock.ipv6.return_value = FAKE_IPV6 with patch("faker.Faker") as faker_mock: faker_mock.return_value = ip_mock - importlib.reload( - pytest_splunk_addon.standard_lib.sample_generation.sample_event - ) - return pytest_splunk_addon.standard_lib.sample_generation.sample_event.SampleEvent( + importlib.reload(pytest_splunk_addon.sample_generation.sample_event) + return pytest_splunk_addon.sample_generation.sample_event.SampleEvent( event_string=EVENT_STRING, metadata=METADATA, sample_name=SAMPLE_NAME, @@ -36,17 +34,11 @@ def samp_eve(): def check_host_count(value): - assert ( - pytest_splunk_addon.standard_lib.sample_generation.sample_event.host_count - == value - ) + assert pytest_splunk_addon.sample_generation.sample_event.host_count == value def check_fqdn_count(value): - assert ( - pytest_splunk_addon.standard_lib.sample_generation.sample_event.fqdn_count - == value - ) + assert pytest_splunk_addon.sample_generation.sample_event.fqdn_count == value def test_update(samp_eve): @@ -79,7 +71,7 @@ def test_get_field_fqdn(samp_eve): def test_get_ipv4(samp_eve): # that test might be divided into many smaller tests, # but feels natural to write it this way - module = pytest_splunk_addon.standard_lib.sample_generation.sample_event + module = pytest_splunk_addon.sample_generation.sample_event rule = "src" assert samp_eve.get_ipv4(rule) == "10.1.0.1" assert module.src_ipv4 == 1 @@ -120,7 +112,7 @@ def test_get_ipv4(samp_eve): def test_get_ipv6(samp_eve): # that test might be divided into many smaller tests, # but feels natural to write it this way - module = pytest_splunk_addon.standard_lib.sample_generation.sample_event + module = pytest_splunk_addon.sample_generation.sample_event rule = "src" assert samp_eve.get_ipv6(rule) == "fdee:1fe4:2b8c:3261:0000:0000:0000:0000" assert module.src_ipv6 == 1 @@ -164,7 +156,7 @@ def test_register_field_value(samp_eve, monkeypatch): key_fields_mock = MagicMock() key_fields_mock.KEY_FIELDS = [field_1, field_2] monkeypatch.setattr( - "pytest_splunk_addon.standard_lib.sample_generation.sample_event.key_fields", + "pytest_splunk_addon.sample_generation.sample_event.key_fields", key_fields_mock, ) samp_eve.register_field_value(field_1, TokenValue(VALUE_1)) @@ -185,7 +177,7 @@ def test_copy(samp_eve): time_values = ["12", "13"] samp_eve.key_fields = key_fields_value samp_eve.time_values = time_values - new_eve = pytest_splunk_addon.standard_lib.sample_generation.sample_event.SampleEvent.copy( + new_eve = pytest_splunk_addon.sample_generation.sample_event.SampleEvent.copy( samp_eve ) assert new_eve.metadata == METADATA diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_generator.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_generator.py index 2d5771de..87c87b5b 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_generator.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_generator.py @@ -1,10 +1,10 @@ from unittest.mock import MagicMock, patch -from pytest_splunk_addon.standard_lib.sample_generation.sample_generator import ( +from pytest_splunk_addon.sample_generation.sample_generator import ( SampleGenerator, ) -MODULE_PATH = "pytest_splunk_addon.standard_lib.sample_generation.sample_generator" +MODULE_PATH = "pytest_splunk_addon.sample_generation.sample_generator" ADDON_PATH = "/add/on/path" CONFIG_PATH = "/config/path" diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_stanza.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_stanza.py index 6079f872..e8429f7b 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_stanza.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_stanza.py @@ -3,7 +3,7 @@ from collections import namedtuple from unittest.mock import MagicMock, patch, mock_open -from pytest_splunk_addon.standard_lib.sample_generation.sample_stanza import ( +from pytest_splunk_addon.sample_generation.sample_stanza import ( SampleStanza, ) @@ -63,7 +63,7 @@ def func( rule_mock_value="Test_rule", ): with patch.object(os, "sep", "/"), patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_stanza.Rule", + "pytest_splunk_addon.sample_generation.sample_stanza.Rule", MagicMock(return_value=rule_mock_value), ): ss = SampleStanza(SAMPLE_PATH, psa_data_params) @@ -87,7 +87,7 @@ def test_get_tokenized_events(self, sample_stanza): mock_2 = MagicMock() ss.tokenized_events = [mock_1, mock_2] with patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_stanza.SampleEvent", + "pytest_splunk_addon.sample_generation.sample_stanza.SampleEvent", MagicMock(), ) as sample_event_mock: sample_event_mock.update_metadata.return_value = ("one", "two", "three") @@ -154,7 +154,7 @@ def test_parse_rules(self, sample_stanza, rule_value, expected): ] ) with patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_stanza.Rule", + "pytest_splunk_addon.sample_generation.sample_stanza.Rule", MagicMock(), ) as rule_mock: rule_mock.parse_rule.return_value = rule_value @@ -257,7 +257,7 @@ def test_get_raw_sample(self, sample_stanza, psa_data_params, sample_event_param ss = sample_stanza(psa_data_params=psa_data_params) data = "sample_raw" with patch("builtins.open", mock_open(read_data=data)), patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_stanza.SampleEvent", + "pytest_splunk_addon.sample_generation.sample_stanza.SampleEvent", MagicMock(return_value="sample_event"), ) as sample_event_mock: assert list(ss._get_raw_sample()) == ["sample_event"] @@ -272,7 +272,7 @@ def test_get_raw_sample_empty_event(self, sample_stanza): ) data = "" with patch("builtins.open", mock_open(read_data=data)), patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_stanza.SampleEvent", + "pytest_splunk_addon.sample_generation.sample_stanza.SampleEvent", MagicMock(return_value="sample_event"), ) as sample_event_mock: assert list(ss._get_raw_sample()) == [] diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_xdist_generator.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_xdist_generator.py index 2f8b9012..0b7f5236 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_xdist_generator.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_sample_xdist_generator.py @@ -2,7 +2,7 @@ from collections import namedtuple from unittest.mock import MagicMock, patch, mock_open, call -from pytest_splunk_addon.standard_lib.sample_generation.sample_xdist_generator import ( +from pytest_splunk_addon.sample_generation.sample_xdist_generator import ( SampleXdistGenerator, ) @@ -77,13 +77,11 @@ def test_init(self): assert sample_xdist_generator.process_count == 5 @patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_xdist_generator.FileLock", + "pytest_splunk_addon.sample_generation.sample_xdist_generator.FileLock", MagicMock(), ) @patch("builtins.open", mock_open()) - @patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_xdist_generator.pickle" - ) + @patch("pytest_splunk_addon.sample_generation.sample_xdist_generator.pickle") @pytest.mark.parametrize( "exists_value, environ, expected", [ @@ -112,7 +110,7 @@ def test_get_samples(self, pickle_mock, exists_value, environ, expected): "os.environ", environ, ), patch( - "pytest_splunk_addon.standard_lib.sample_generation.sample_xdist_generator.SampleGenerator", + "pytest_splunk_addon.sample_generation.sample_xdist_generator.SampleGenerator", MagicMock(), ) as sample_generator_mock: sample_generator_mock.conf_name = "conf_name" diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_time_parser.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_time_parser.py index b070934d..b5cc1839 100644 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_time_parser.py +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_time_parser.py @@ -2,7 +2,7 @@ from datetime import datetime from freezegun import freeze_time -from pytest_splunk_addon.standard_lib.sample_generation.time_parser import ( +from pytest_splunk_addon.sample_generation.time_parser import ( time_parse, ) diff --git a/tests/unit/tests_standard_lib/tests_tools/test_cim_report.py b/tests/unit/tests_standard_lib/tests_tools/test_cim_report.py index 23efa963..03eb57fc 100644 --- a/tests/unit/tests_standard_lib/tests_tools/test_cim_report.py +++ b/tests/unit/tests_standard_lib/tests_tools/test_cim_report.py @@ -1,6 +1,6 @@ import os -from pytest_splunk_addon.standard_lib.cim_compliance.cim_report_generator import ( +from pytest_splunk_addon.cim_compliance.cim_report_generator import ( CIMReportGenerator, ) From 89fd96e9ad74014aa51dfb0431e75933d4ddd02e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20K=C4=99dziak?= Date: Fri, 28 Jun 2024 16:56:12 +0200 Subject: [PATCH 13/29] feat: schema changes for LR notes (#857) --- .../sample_generation/schema.xsd | 2 + .../test_data/xmls/lr_incorrect.xml | 44 +++++++++++++++++++ .../test_data/xmls/lr_notes.xml | 43 ++++++++++++++++++ .../test_data/xmls/lr_without_notes.xml | 43 ++++++++++++++++++ .../tests_sample_generation/test_schema.py | 31 +++++++++++++ 5 files changed, 163 insertions(+) create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py diff --git a/pytest_splunk_addon/sample_generation/schema.xsd b/pytest_splunk_addon/sample_generation/schema.xsd index 85da743a..6f2e9bc1 100644 --- a/pytest_splunk_addon/sample_generation/schema.xsd +++ b/pytest_splunk_addon/sample_generation/schema.xsd @@ -83,6 +83,7 @@ + @@ -103,6 +104,7 @@ + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml new file mode 100644 index 00000000..b6de81f0 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml @@ -0,0 +1,44 @@ + + + Microsoft + Sysmon + + + + HELLO + + + lab, index = * EventCode=19 + + Some event level note!!! + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml new file mode 100644 index 00000000..70169e35 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml @@ -0,0 +1,43 @@ + + + Microsoft + Sysmon + + + + + + lab, index = * EventCode=19 + + Some event level note!!! + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml new file mode 100644 index 00000000..70169e35 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml @@ -0,0 +1,43 @@ + + + Microsoft + Sysmon + + + + + + lab, index = * EventCode=19 + + Some event level note!!! + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py new file mode 100644 index 00000000..8b6b8f61 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py @@ -0,0 +1,31 @@ +import os.path + +import pytest +from xmlschema import XMLSchema, XMLSchemaChildrenValidationError + +from pytest_splunk_addon.standard_lib.sample_generation.pytest_splunk_addon_data_parser import ( + SCHEMA_PATH, +) + + +@pytest.fixture +def validator() -> XMLSchema: + return XMLSchema(SCHEMA_PATH) + + +def get_xml(name: str) -> str: + with open(os.path.join(os.path.dirname(__file__), "test_data", "xmls", name)) as fp: + return fp.read() + + +def test_validate_schema(validator): + validator.validate(get_xml("lr_without_notes.xml")) + + +def test_validate_schema_incorrect_event_element(validator): + with pytest.raises(XMLSchemaChildrenValidationError): + validator.validate(get_xml("lr_incorrect.xml")) + + +def test_validate_schema_notes(validator): + validator.validate(get_xml("lr_notes.xml")) From d68d20da8138a4b879e27a095bc452c4b81e9412 Mon Sep 17 00:00:00 2001 From: Artem Rys Date: Mon, 1 Jul 2024 13:05:43 +0200 Subject: [PATCH 14/29] Revert "feat: schema changes for LR notes" (#861) Reverts splunk/pytest-splunk-addon#857 --- .../sample_generation/schema.xsd | 2 - .../test_data/xmls/lr_incorrect.xml | 44 ------------------- .../test_data/xmls/lr_notes.xml | 43 ------------------ .../test_data/xmls/lr_without_notes.xml | 43 ------------------ .../tests_sample_generation/test_schema.py | 31 ------------- 5 files changed, 163 deletions(-) delete mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml delete mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml delete mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml delete mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py diff --git a/pytest_splunk_addon/sample_generation/schema.xsd b/pytest_splunk_addon/sample_generation/schema.xsd index 6f2e9bc1..85da743a 100644 --- a/pytest_splunk_addon/sample_generation/schema.xsd +++ b/pytest_splunk_addon/sample_generation/schema.xsd @@ -83,7 +83,6 @@ - @@ -104,7 +103,6 @@ - diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml deleted file mode 100644 index b6de81f0..00000000 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml +++ /dev/null @@ -1,44 +0,0 @@ - - - Microsoft - Sysmon - - - - HELLO - - - lab, index = * EventCode=19 - - Some event level note!!! - 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> - - - Change:Endpoint_Changes - - - - - - - - - - - - - - - - - - command - object - object_attrs - object_id - object_path - result_id - - - - diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml deleted file mode 100644 index 70169e35..00000000 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml +++ /dev/null @@ -1,43 +0,0 @@ - - - Microsoft - Sysmon - - - - - - lab, index = * EventCode=19 - - Some event level note!!! - 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> - - - Change:Endpoint_Changes - - - - - - - - - - - - - - - - - - command - object - object_attrs - object_id - object_path - result_id - - - - diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml deleted file mode 100644 index 70169e35..00000000 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml +++ /dev/null @@ -1,43 +0,0 @@ - - - Microsoft - Sysmon - - - - - - lab, index = * EventCode=19 - - Some event level note!!! - 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> - - - Change:Endpoint_Changes - - - - - - - - - - - - - - - - - - command - object - object_attrs - object_id - object_path - result_id - - - - diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py deleted file mode 100644 index 8b6b8f61..00000000 --- a/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py +++ /dev/null @@ -1,31 +0,0 @@ -import os.path - -import pytest -from xmlschema import XMLSchema, XMLSchemaChildrenValidationError - -from pytest_splunk_addon.standard_lib.sample_generation.pytest_splunk_addon_data_parser import ( - SCHEMA_PATH, -) - - -@pytest.fixture -def validator() -> XMLSchema: - return XMLSchema(SCHEMA_PATH) - - -def get_xml(name: str) -> str: - with open(os.path.join(os.path.dirname(__file__), "test_data", "xmls", name)) as fp: - return fp.read() - - -def test_validate_schema(validator): - validator.validate(get_xml("lr_without_notes.xml")) - - -def test_validate_schema_incorrect_event_element(validator): - with pytest.raises(XMLSchemaChildrenValidationError): - validator.validate(get_xml("lr_incorrect.xml")) - - -def test_validate_schema_notes(validator): - validator.validate(get_xml("lr_notes.xml")) From 42b6a3b9a489ab712f72f076ae7618249fad794b Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Mon, 1 Jul 2024 11:30:37 +0000 Subject: [PATCH 15/29] chore(release): 5.3.0-beta.5 # [5.3.0-beta.5](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.4...v5.3.0-beta.5) (2024-07-01) ### Features * schema changes for LR notes ([#857](https://github.com/splunk/pytest-splunk-addon/issues/857)) ([89fd96e](https://github.com/splunk/pytest-splunk-addon/commit/89fd96e9ad74014aa51dfb0431e75933d4ddd02e)) --- NOTICE | 84 +++++++++++++++++++++++++++++++-- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 83 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index 83a2e3c5..f88bf2a8 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-6-26 +Date generated: 2024-7-1 -Revision ID: 1157ab9c62c584ba31bd92b1951fee73551b503b +Revision ID: d68d20da8138a4b879e27a095bc452c4b81e9412 ================================================================================ ================================================================================ @@ -50,6 +50,8 @@ No licenses found -------------------------------------------------------------------------------- Package Title: addonfactory-splunk-conf-parser-lib (0.4.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -262,6 +264,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: attrs (23.2.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -294,6 +298,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: certifi (2024.6.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -325,6 +331,8 @@ one at http://mozilla.org/MPL/2.0/. -------------------------------------------------------------------------------- Package Title: charset-normalizer (3.3.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -356,6 +364,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: colorama (0.4.6) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -394,6 +404,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: defusedxml (0.7.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -454,6 +466,8 @@ Agreement. -------------------------------------------------------------------------------- Package Title: deprecation (2.1.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -690,6 +704,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: elementpath (4.1.5) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -722,6 +738,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: exceptiongroup (1.2.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -837,6 +855,8 @@ Agreement. -------------------------------------------------------------------------------- Package Title: execnet (2.0.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -866,6 +886,8 @@ MIT -------------------------------------------------------------------------------- Package Title: Faker (18.13.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -896,6 +918,8 @@ THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: filelock (3.12.2) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -931,6 +955,8 @@ For more information, please refer to -------------------------------------------------------------------------------- Package Title: future (1.0.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1016,6 +1042,8 @@ SECRET LABS AB AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTW -------------------------------------------------------------------------------- Package Title: httplib2 (0.22.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1106,6 +1134,8 @@ You should have received a copy of the GNU General Public License along with thi -------------------------------------------------------------------------------- Package Title: idna (3.7) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1148,6 +1178,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: importlib-metadata (6.7.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1361,6 +1393,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: importlib-resources (5.12.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1574,6 +1608,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: iniconfig (2.0.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1604,6 +1640,8 @@ MIT -------------------------------------------------------------------------------- Package Title: jsonschema (4.17.3) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1653,6 +1691,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: junitparser (2.8.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1676,6 +1716,8 @@ Copyright 2020 Joel Wang -------------------------------------------------------------------------------- Package Title: packaging (24.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1747,6 +1789,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pkgutil_resolve_name (1.3.10) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1847,6 +1891,8 @@ PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 -------------------------------------------------------------------------------- Package Title: pluggy (1.2.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1879,6 +1925,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pyparsing (3.1.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1956,6 +2004,8 @@ You should have received a copy of the GNU General Public License along with thi -------------------------------------------------------------------------------- Package Title: pyrsistent (0.19.3) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2020,6 +2070,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pytest (7.4.4) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2052,6 +2104,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-ordering (0.6) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2080,6 +2134,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-xdist (3.5.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2109,6 +2165,8 @@ MIT -------------------------------------------------------------------------------- Package Title: python-dateutil (2.9.0.post0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2203,6 +2261,8 @@ The above BSD License Applies to all code, even that also covered by Apache 2.0. -------------------------------------------------------------------------------- Package Title: requests (2.31.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2389,6 +2449,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: six (1.16.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2418,6 +2480,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: splunk-sdk (2.0.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2441,6 +2505,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: splunksplwrapper (1.1.4) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2653,6 +2719,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: tomli (2.0.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2685,6 +2753,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: typing-extensions (4.7.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -3006,6 +3076,8 @@ PERFORMANCE OF THIS SOFTWARE. -------------------------------------------------------------------------------- Package Title: urllib3 (1.26.18) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3057,6 +3129,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: xmlschema (2.5.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3110,6 +3184,8 @@ The name and trademarks of copyright holders may NOT be used in advertising or p -------------------------------------------------------------------------------- Package Title: xmltodict (0.13.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3128,6 +3204,8 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI -------------------------------------------------------------------------------- Package Title: zipp (3.15.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -5661,4 +5739,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-6-26 +Report Generated by FOSSA on 2024-7-1 diff --git a/pyproject.toml b/pyproject.toml index 22899d7f..837e05e4 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.4" +version = "5.3.0-beta.5" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 0f2e506d..5d21e56e 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.4" +__version__ = "5.3.0-beta.5" From 5e7d1e89d1a9712d992f0accc5fd423571126525 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Mon, 1 Jul 2024 18:39:12 +0530 Subject: [PATCH 16/29] feat: add support for CIM v5.3.2 (#853) Added support for cim v5.3.2. - Updated data-models with new child data set in various models. - Updated required fields with updated values as per v5.3.2. - Added optional fields as per v5.3.2 Detailed comparison and analysis between v4.15.0 and v5.3.2 can be found here: https://docs.google.com/spreadsheets/d/1ZFDC0Efn-bHvcU1Qy78s95GCfWyxt6IUhTv94j3yagk/edit#gid=1147250948 --- pytest_splunk_addon/data_models/Alerts.json | 58 ++++++++- .../data_models/Authentication.json | 57 ++++++++- .../data_models/Certificates.json | 16 ++- pytest_splunk_addon/data_models/Change.json | 107 +++++++++++++++- pytest_splunk_addon/data_models/DLP.json | 14 ++- pytest_splunk_addon/data_models/Email.json | 17 ++- pytest_splunk_addon/data_models/Endpoint.json | 114 ++++++++++++++++-- .../data_models/Intrusion_Detection.json | 12 +- pytest_splunk_addon/data_models/Malware.json | 52 +++++++- .../data_models/Network_Resolution.json | 6 +- .../data_models/Network_Sessions.json | 30 ++++- .../data_models/Network_Traffic.json | 40 ++++-- pytest_splunk_addon/data_models/Updates.json | 7 +- .../data_models/Vulnerabilities.json | 12 +- pytest_splunk_addon/data_models/Web.json | 69 ++++++++--- tests/e2e/constants.py | 5 +- 16 files changed, 542 insertions(+), 74 deletions(-) diff --git a/pytest_splunk_addon/data_models/Alerts.json b/pytest_splunk_addon/data_models/Alerts.json index 7cd84f78..2fbdb312 100644 --- a/pytest_splunk_addon/data_models/Alerts.json +++ b/pytest_splunk_addon/data_models/Alerts.json @@ -17,19 +17,44 @@ }, { "name": "body", + "type": "optional", + "comment":"The body of a message." + }, + { + "name": "description", "type": "required", - "comment":"The body of a message." + "comment": "The description of the alert event." }, { "name": "dest", "type": "required", - "comment":"The destination of the alert message, such as an email address or SNMP trap. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + "comment":"The destination of the alert message, such as an email address or SNMP trap. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + }, + { + "name": "dest_type", + "type": "optional", + "comment": "The type of the destination object, such as instance, storage, firewall." }, { "name": "id", "type": "required", "comment":"The unique identifier of a message." }, + { + "name": "mitre_technique_id", + "type": "optional", + "comment": "The MITRE ATT&CK technique ID of the alert event." + }, + { + "name": "signature", + "type": "required", + "comment": "A human-readable signature name." + }, + { + "name": "signature_id", + "type": "required", + "comment": "The unique identifier or event code of the event signature." + }, { "name": "severity", "type": "required", @@ -49,8 +74,13 @@ }, { "name": "src", + "type": "required", + "comment":"The source of the message. You can alias this from more specific fields, such as src_host, src_ip, or src_name." + }, + { + "name": "src_type", "type": "optional", - "comment":"The source of the message. You can alias this from more specific fields, such as src_host, src_ip, or src_name." + "comment": "The type of the source object, such as instance, storage, firewall." }, { "name": "subject", @@ -67,7 +97,27 @@ "task", "warning" ], - "comment":"The message type." + "comment":"The message type." + }, + { + "name": "user", + "type": "required", + "comment": "The user involved in the alert event." + }, + { + "name": "user_name", + "type": "optional", + "comment": "The name of the user involved in the alert event." + }, + { + "name": "vendor_account", + "type": "optional", + "comment": "The account associated with the alert event. The account represents the organization, or a Cloud customer or a Cloud account." + }, + { + "name": "vendor_region", + "type": "optional", + "comment": "The data center region involved in the alert event, such as us-west-2." } ], "child_dataset": [] diff --git a/pytest_splunk_addon/data_models/Authentication.json b/pytest_splunk_addon/data_models/Authentication.json index dcb4f43d..0af74023 100644 --- a/pytest_splunk_addon/data_models/Authentication.json +++ b/pytest_splunk_addon/data_models/Authentication.json @@ -10,7 +10,7 @@ { "name": "action", "type": "required", - "expected_values": ["success", "failure", "error"], + "expected_values": ["success", "failure", "pending", "error"], "comment": "The action performed on the resource." }, { @@ -18,11 +18,46 @@ "type": "required", "comment": "The application involved in the event (such as ssh, splunk, win:local)." }, + { + "name": "authentication_method", + "type": "optional", + "comment": "The method used to authenticate the request" + }, + { + "name": "authentication_service", + "type": "optional", + "comment": "The service used to authenticate the request" + }, { "name": "dest", "type": "required", "comment": "The target involved in the authentication. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_nt_host." }, + { + "name": "src_user_type", + "type": "optional", + "comment": "The type of the user who initiated the privilege escalation." + }, + { + "name": "user_type", + "type": "optional", + "comment": "The type of the user involved in the event or who initiated the event.\nIAMUser, Admin, or System." + }, + { + "name": "src_user_role", + "type": "optional", + "comment": "The role of the user who initiated the privilege escalation." + }, + { + "name": "user_role", + "type": "optional", + "comment": "The role of the user involved in the event, or who initiated the event. For authentication privilege escalation events, this should represent the user role targeted by the escalation." + }, + { + "name": "user_agent", + "type": "optional", + "comment": "The user agent through which the request was made, such as Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) or aws-cli/2.0.0 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev4." + }, { "name": "duration", "type": "optional", @@ -48,7 +83,7 @@ }, { "name": "src", - "type": "optional", + "type": "required", "comment": "The name of the user involved in the event, or who initiated the event. For authentication privilege escalation events, this should represent the user targeted by the escalation." }, { @@ -56,11 +91,27 @@ "type": "required", "comment": "The name of the user involved in the event, or who initiated the event. For authentication privilege escalation events, this should represent the user targeted by the escalation." }, + { + "name": "user_id", + "type": "optional", + "comment": "The unique id of the user involved in the event." + }, + { + "name": "reason", + "type": "optional", + "validity": "if(action in ['success', 'failure'], action, null())", + "comment": "The human-readable message associated with the authentication action (success or failure)." + }, { "name": "src_user", - "condition": "src_user=*", + "condition": "src_user=* tag=privileged", "type": "conditional", "comment": "In privilege escalation events, src_user represents the user who initiated the privilege escalation. This field is unnecessary when an escalation has not been performed. If present it must be a valid user." + }, + { + "name": "vendor_account", + "type": "optional", + "comment": "The account that manages the user that initiated the request. The account represents the organization, a Cloud customer, or a Cloud account." } ], "child_dataset": [ diff --git a/pytest_splunk_addon/data_models/Certificates.json b/pytest_splunk_addon/data_models/Certificates.json index b98a9cfe..4fd87347 100644 --- a/pytest_splunk_addon/data_models/Certificates.json +++ b/pytest_splunk_addon/data_models/Certificates.json @@ -71,7 +71,7 @@ "fields":[ { "name": "ssl_end_time", - "type": "optional", + "type": "required", "comment":"The expiry time of the certificate. Needs to be converted to UNIX time for calculations in dashboards." }, { @@ -81,7 +81,7 @@ }, { "name": "ssl_hash", - "type": "optional", + "type": "required", "comment":"The hash of the certificate." }, { @@ -110,6 +110,11 @@ "type": "optional", "comment":"The certificate issuer's email address." }, + { + "name": "ssl_issuer_email_domain", + "type": "optional", + "comment":"The domain name contained within the certificate issuer's email address." + }, { "name": "ssl_issuer_locality", "type": "optional", @@ -167,7 +172,7 @@ }, { "name": "ssl_start_time", - "type": "optional", + "type": "required", "comment":"This is the start date and time for this certificate's validity. Needs to be converted to UNIX time for calculations in dashboards." }, { @@ -185,6 +190,11 @@ "type": "optional", "comment":"The certificate owner's e-mail address." }, + { + "name": "ssl_subject_email_domain", + "type": "optional", + "comment":"The domain name contained within the certificate subject's email address." + }, { "name": "ssl_subject_locality", "type": "optional", diff --git a/pytest_splunk_addon/data_models/Change.json b/pytest_splunk_addon/data_models/Change.json index 8ba8611c..fc3df705 100644 --- a/pytest_splunk_addon/data_models/Change.json +++ b/pytest_splunk_addon/data_models/Change.json @@ -48,7 +48,7 @@ }, { "name": "object_category", - "validity": "if(like(object_category,'%\\\"%'),null(),object_category)", + "validity": "if(tag==\"account\" AND object_category==user,object_category, null())", "type": "required", "comment": "Generic name for the class of the updated resource object. Expected values may be specific to an app." }, @@ -61,13 +61,13 @@ { "name": "object_path", "validity": "if(like(object_path,'%\\\"%'),null(),object_path)", - "type": "required", + "type": "optional", "comment": "The path of the modified resource object, if applicable (such as a file, directory, or volume)." }, { "name": "result", - "type": "optional", - "expected_values": ["lockout"], + "condition": "status=failure", + "type": "conditional", "comment": "The vendor-specific result of a change, or clarification of an action status. For instance, status=failure may be accompanied by result=blocked by policy or result=disk full. result is a string. Please use a msg_severity_id field (not included in the data model) for severity ID fields that are integer data types." }, { @@ -77,7 +77,7 @@ }, { "name": "src", - "type": "optional", + "type": "required", "comment": "The resource where the change was originated. You can alias this from more specific fields not included in the data model, such as src_host, src_ip, or src_name." }, { @@ -96,6 +96,31 @@ "type": "required", "comment": "The user or entity performing the change. For account changes, this is the account that was changed (see src_user for user or entity performing the change)." }, + { + "name": "user_agent", + "type": "optional", + "comment": "The user agent through which the request was made, such as Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) or aws-cli/2.0.0 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev4." + }, + { + "name": "user_name", + "type": "optional", + "comment": "The user name of the user or entity performing the change. For account changes, this is the account that was changed this is the account that was changed (see src_user_name)." + }, + { + "name": "user_type", + "type": "optional", + "comment": "The type of the user involved in the event or who initiated the event, such as IAMUser, Admin, or System. For account management events, this should represent the type of the user changed by the request." + }, + { + "name": "vendor_account", + "type": "optional", + "comment": "The account that manages the user that initiated the request. The account represents the organization, or a Cloud customer or a Cloud account." + }, + { + "name": "vendor_region", + "type": "optional", + "comment": "The account that manages the user that initiated the request. The account represents the organization, or a Cloud customer or a Cloud account." + }, { "name": "vendor_product", "type": "required", @@ -124,6 +149,16 @@ "type": "conditional", "condition": "object_category=user", "comment": "For account changes, the user or entity performing the change." + }, + { + "name": "src_user_type", + "type": "optional", + "comment": "For account management events, this should represent the type of the user changed by the request." + }, + { + "name": "src_user_name", + "type": "optional", + "comment": "For account changes, the user name of the user or entity performing the change." } ], "child_dataset": [ @@ -194,11 +229,71 @@ ], "search_constraints": "tag=endpoint" }, + { + "name": "Instance_Changes", + "tags": [["change", "instance"]], + "fields_cluster": [], + "search_constraints": "tag=instance", + "fields": [ + { + "name": "image_id", + "type": "required", + "comment": "For create instance events, this field represents the image ID used for creating the instance such as the OS, applications, installed libraries, and more." + }, + { + "name": "instance_type", + "type": "required", + "comment": "For create instance events, this field represents the type of instance to build such as the combination of CPU, memory, storage, and network capacity." + } + ], + "child_dataset": [] + }, { "name": "Network_Changes", "tags": [["change", "network"]], "fields_cluster": [], - "fields": [], + "fields": [ + { + "name": "dest_ip_range", + "type": "optional", + "comment": "For network events, the outgoing traffic for a specific destination IP address range. Specify a single IP address or an IP address range in CIDR notation. For example, 203.0.113.5 or 203.0.113.5/32." + }, + { + "name": "dest_port_range", + "type": "optional", + "comment": "For network events, this field represents destination port or range. For example, 80 or 8000 - 8080 or 80,443." + }, + { + "name": "direction", + "type": "optional", + "comment": "For network events, this field represents whether the traffic is inbound or outbound." + }, + { + "name": "protocol", + "type": "optional", + "comment": "This field represents the protocol for the network event rule." + }, + { + "name": "rule_action", + "type": "optional", + "comment": "For network events, this field represents whether to allow or deny traffic." + }, + { + "name": "src_ip_range", + "type": "optional", + "comment": "For network events, this field represents the incoming traffic from a specific source IP address or range. Specify a single IP address or an IP address range in CIDR notation." + }, + { + "name": "src_port_range", + "type": "optional", + "comment": "For network events, this field represents source port or range. For example, 80 or 8000 - 8080 or 80,443" + }, + { + "name": "device_restarts", + "type": "optional", + "comment": "Monitor all infrastructure device restarts." + } + ], "child_dataset": [ { "name": "Device_Restarts", diff --git a/pytest_splunk_addon/data_models/DLP.json b/pytest_splunk_addon/data_models/DLP.json index bb167005..33940918 100644 --- a/pytest_splunk_addon/data_models/DLP.json +++ b/pytest_splunk_addon/data_models/DLP.json @@ -68,11 +68,21 @@ "type": "required", "comment": "The severity of the DLP event." }, + { + "name": "severity_id", + "type": "optional", + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." + }, { "name": "signature", "type": "required", "comment": "The name of the DLP event." }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, { "name": "src", "type": "optional", @@ -91,12 +101,12 @@ { "name": "user", "type": "conditional", - "condition": "dlp_type=email OR dlp_type=im", + "condition": "dlp_type=email OR dlp_type=share_point OR dlp_type=o365 OR dlp_type=google.* OR dlp_type=GWS.*", "comment": "The target user of the DLP event." }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product name of the DLP system" } ], diff --git a/pytest_splunk_addon/data_models/Email.json b/pytest_splunk_addon/data_models/Email.json index 4c1198ac..d5d61c6f 100644 --- a/pytest_splunk_addon/data_models/Email.json +++ b/pytest_splunk_addon/data_models/Email.json @@ -107,6 +107,11 @@ "validity":"if(isnum(recipient_count) and recipient_count==mvcount(recipient),recipient_count, null())", "comment": "The total number of intended message recipients." }, + { + "name": "recipient_domain", + "type": "required", + "comment": "The domain name contained within the recipient email addresses." + }, { "name": "recipient_status", "type": "optional", @@ -149,8 +154,14 @@ "name": "status_code", "type": "conditional", "condition": "protocol=smtp", + "validity": "if(match(status_code, \"(?:(\\d(\\.\\d{1,3}){0,2}))\"))", "comment": "The status code associated with the message." }, + { + "name": "src_user_domain", + "type": "required", + "comment": "The domain name contained within the email address of the message sender." + }, { "name": "subject", "type": "optional", @@ -163,12 +174,12 @@ }, { "name": "user", - "type": "required", + "type": "optional", "comment": "The user context for the process. This is not the email address for the sender. For that, look at the src_user field." }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product of the email server used for the email transaction. This field can be automatically populated by vendor and product fields in your data." }, { @@ -218,7 +229,7 @@ }, { "name": "signature", - "type": "optional", + "type": "required", "comment": "The name of the filter applied." }, { diff --git a/pytest_splunk_addon/data_models/Endpoint.json b/pytest_splunk_addon/data_models/Endpoint.json index 8b58c5b0..8a64d128 100644 --- a/pytest_splunk_addon/data_models/Endpoint.json +++ b/pytest_splunk_addon/data_models/Endpoint.json @@ -23,6 +23,21 @@ "validity": "if(isnum(dest_port),dest_port,null())", "comment": "Network port listening on the endpoint, such as 53." }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_timesync", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_update", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "process_guid", "type": "optional", @@ -44,6 +59,21 @@ "validity": "if(isnum(src_port),src_port,null())", "comment": "The 'remote' port connected to the listening port (if applicable)." }, + { + "name": "src_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "src_should_timesync", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "src_should_update", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "state", "type": "required", @@ -57,13 +87,19 @@ }, { "name": "transport_dest_port", - "type": "not_allowed_in_search", + "type": "required", + "validity": "(?:tcp|udp|dccp|sctp)\\/(?:(6553[0-5]|655[0-2][0-9]|65[0-4][0-9]{2}|6[0-4][0-9]{3}|[1-5][0-9]{4}|[0-9]{1,4})$)", "comment": "Calculated as transport/dest_port, such as tcp/53." }, { "name": "user", "type": "optional", "comment": "The user account associated with the listening port." + }, + { + "name": "vendor_product", + "type": "required", + "comment": "The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." } ], "child_dataset": [], @@ -90,6 +126,11 @@ "type": "required", "comment": "The endpoint for which the process was spawned." }, + { + "name": "loaded_file", + "type": "optional", + "comment": "File that was loaded." + }, { "name": "mem_used", "type": "optional", @@ -102,8 +143,13 @@ "comment": "The operating system of the resource, such as Microsoft Windows Server 2008r2." }, { - "name": "parent_process", + "name": "original_file_name", "type": "optional", + "comment": "Original name of the file, not including path." + }, + { + "name": "parent_process", + "type": "required", "comment": "The full command string of the parent process." }, { @@ -133,6 +179,11 @@ "type": "required", "comment": "The file path of the parent process, such as C:\\Windows\\System32\notepad.exe." }, + { + "name": "parent_process_hash", + "type": "optional", + "comment": "TThe digest(s) of the parent process, such as , , etc." + }, { "name": "process", "type": "required", @@ -145,7 +196,7 @@ }, { "name": "process_exec", - "type": "required", + "type": "optional", "comment": "The executable name of the process." }, { @@ -193,7 +244,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." } ], @@ -222,6 +273,21 @@ "type": "required", "comment": "The endpoint pertaining to the filesystem activity." }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_timesync", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_update", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "file_access_time", "type": "optional", @@ -236,7 +302,7 @@ { "name": "file_hash", "type": "conditional", - "condition": "action=created or action=modified ", + "condition": "action=created or action=modified or action=read", "comment": "A cryptographic identifier assigned to the file object affected by the event." }, { @@ -263,7 +329,7 @@ }, { "name": "file_size", - "type": "optional", + "type": "required", "comment": "The size of the file that is the object of the event, in kilobytes." }, { @@ -283,7 +349,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." } ], @@ -306,6 +372,21 @@ "type": "required", "comment": "The endpoint pertaining to the registry events." }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_timesync", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_update", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "process_guid", "type": "optional", @@ -386,7 +467,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." } ], @@ -410,6 +491,21 @@ "validation": "", "comment": "The endpoint for which the service is installed." }, + { + "name": "dest_is_expected", + "type": "optional", + "comment": "The endpoint for which the service is installed." + }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_should_timesync", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "process_guid", "type": "optional", @@ -521,7 +617,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "validation": "", "comment": "The vendor and product name of the Endpoint solution that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." } diff --git a/pytest_splunk_addon/data_models/Intrusion_Detection.json b/pytest_splunk_addon/data_models/Intrusion_Detection.json index 9bf6d339..8e720fc4 100644 --- a/pytest_splunk_addon/data_models/Intrusion_Detection.json +++ b/pytest_splunk_addon/data_models/Intrusion_Detection.json @@ -66,11 +66,21 @@ ], "comment": "The severity of the network protection event. This field is a string. Use a severity_id field (not included in this data model) for severity ID fields that are integer data types. Also, specific values are required for this field. Use vendor_severity for the vendor's own human readable severity strings, such as Good, Bad, and Really Bad." }, + { + "name": "severity_id", + "type": "optional", + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." + }, { "name": "signature", "type": "required", "comment": "The name of the intrusion detected on the client (the src), such as PlugAndPlay_BO and JavaScript_Obfuscation_Fre. This is a string value. Use a signature_id field (not included in this data model) for numeric indicators." }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, { "name": "src", "type": "conditional", @@ -104,7 +114,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product name of the IDS or IPS system that detected the vulnerability, such as HP Tipping Point. This field can be automatically populated by vendor and product fields in your data." } ], diff --git a/pytest_splunk_addon/data_models/Malware.json b/pytest_splunk_addon/data_models/Malware.json index 57194624..30dca2b2 100644 --- a/pytest_splunk_addon/data_models/Malware.json +++ b/pytest_splunk_addon/data_models/Malware.json @@ -21,7 +21,7 @@ }, { "name": "date", - "type": "not_allowed_in_search", + "type": "optional", "comment": "The date of the malware event." }, { @@ -29,6 +29,16 @@ "type": "required", "comment": "The system that was affected by the malware event. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." }, + { + "name": "dest_nt_domain", + "type": "optional", + "comment": "The NT domain of the destination, if applicable." + }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "file_hash", "type": "optional", @@ -45,20 +55,42 @@ "comment": "The full file path of the file with suspected malware" }, { - "name": "sender", + "name": "severity", + "type": "required", + "expected_values": [ + "critical", + "high", + "medium", + "low", + "informational" + ], + "comment":"The severity of a message." + }, + { + "name": "severity_id", "type": "optional", - "comment": "The reported sender of an email-based attack." + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." }, { "name": "signature", "type": "required", "comment": "The name of the malware infection detected on the client (the dest), such as Trojan.Vundo, Spyware.Gaobot, and W32.Nimbda" }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, { "name": "src", - "type": "not_allowed_in_search", + "type": "optional", "comment": "The source of the event, such as a DAT file relay server. You can alias this from more specific fields, such as src_host, src_ip, or src_name." }, + { + "name": "src_user", + "type": "optional", + "comment": "The reported sender of an email-based attack." + }, { "name": "user", "type": "optional", @@ -71,7 +103,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The hash of the file with suspected malware" } ], @@ -113,6 +145,16 @@ "type": "required", "comment": "The system where the malware operations event occurred" }, + { + "name": "dest_nt_domain", + "type": "optional", + "comment": "The NT domain of the dest system, if applicable." + }, + { + "name": "dest_requires_av", + "type": "optional", + "comment": "This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, { "name": "product_version", "type": "optional", diff --git a/pytest_splunk_addon/data_models/Network_Resolution.json b/pytest_splunk_addon/data_models/Network_Resolution.json index 34851935..e5a0f842 100644 --- a/pytest_splunk_addon/data_models/Network_Resolution.json +++ b/pytest_splunk_addon/data_models/Network_Resolution.json @@ -13,7 +13,7 @@ "fields_cluster": [], "fields": [{ "name": "additional_answer_count", - "type": "required", + "type": "optional", "validity": "if(isnum(additional_answer_count),additional_answer_count,null())", "comment": "Number of entries in the 'additional' section of the DNS message." }, @@ -31,7 +31,7 @@ }, { "name": "authority_answer_count", - "type": "required", + "type": "optional", "validity": "if(isnum(authority_answer_count),authority_answer_count,null())", "comment": "Number of entries in the 'authority' section of the DNS message." }, @@ -272,7 +272,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor product name of the DNS server. The Splunk platform can derive this field from the fields vendor and product in the raw data, if they exist." } ], diff --git a/pytest_splunk_addon/data_models/Network_Sessions.json b/pytest_splunk_addon/data_models/Network_Sessions.json index d869232a..87c5addb 100644 --- a/pytest_splunk_addon/data_models/Network_Sessions.json +++ b/pytest_splunk_addon/data_models/Network_Sessions.json @@ -11,7 +11,7 @@ { "name": "action", "type": "required", - "expected_values": ["added", "blocked"], + "expected_values": ["started", "ended", "blocked"], "comment": "The action taken by the reporting device." }, { @@ -29,6 +29,21 @@ "type": "required", "comment": "An indication of the type of network session event." }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, + { + "name": "dest_nt_host", + "type": "optional", + "comment": "The NetBIOS name of the client initializing a network session." + }, + { + "name": "dest_dns", + "type": "optional", + "comment": "The domain name system address of the destination for a network session event." + }, { "name": "dest_priority", "type": "optional", @@ -51,15 +66,21 @@ "type": "optional", "comment": "The external domain name of the client initializing a network session. Not applicable for DHCP events." }, + { + "name": "src_nt_host", + "type": "optional", + "comment": "The NetBIOS name of the client initializing a network session. Not applicable for DHCP events." + }, { "name": "src_mac", "type": "optional", "condition": "tag != dhcp", + "validity": "if(match(src_mac,\"^([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$\"),src_mac,null())", "comment": "The MAC address of the client initializing a network session. Not applicable for DHCP events.Note: Always force lower case on this field.Note: Always use colons instead of dashes, spaces, or no separator." }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The full name of the Dynamic Host Configuration Protocol (DHCP) or DNS server involved in this event including vendor and product name, such as Microsoft DHCP or ISC BIND. This field is generated by combining the values of the vendor and product fields." }, { @@ -70,7 +91,8 @@ }, { "name": "user", - "type": "required", + "type": "conditional", + "condition": "tag=vpn", "comment": "The user in a network session event, where applicable. For example, a VPN session or an authenticated DHCP event." } ], @@ -105,7 +127,7 @@ }, { "name": "lease_scope", - "type": "required", + "type": "optional", "comment": "The consecutive range of possible IP addresses that the Dynamic Host Configuration Protocol (DHCP) server can lease to clients on a subnet. A lease_scope typically defines a single physical subnet on your network to which DHCP services are offered." }, { diff --git a/pytest_splunk_addon/data_models/Network_Traffic.json b/pytest_splunk_addon/data_models/Network_Traffic.json index be23dd3b..739370a5 100644 --- a/pytest_splunk_addon/data_models/Network_Traffic.json +++ b/pytest_splunk_addon/data_models/Network_Traffic.json @@ -63,15 +63,15 @@ { "name": "dest_ip", "type": "conditional", - "condition": "dest_ip=*", - "validity": "if(match(dest_ip, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"),dest_ip,null())", + "condition": "| where match(dest, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\")", + "validity": "if((!isnull(dest_ip) AND dest == dest_ip), dest_ip, null())", "comment": "The IP address of the destination." }, { "name": "dest_mac", "type": "conditional", - "condition": "dest_mac=*", - "validity": "if(match(dest_mac,\"^([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$\"),dest_mac,null())", + "condition": "| where match(dest,\"^([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$\")", + "validity": "if((!isnull(dest_mac) AND dest_mac == dest), dest_mac, null())", "comment": "The destination TCP/IP layer 2 Media Access Control (MAC) address of a packet's destination, such as 06:10:9f:eb:8f:14. Note: Always force lower case on this field and use colons instead of dashes, spaces, or no separator." }, { @@ -121,6 +121,11 @@ "type": "optional", "comment": "The device TCP/IP layer 2 Media Access Control (MAC) address of a packet's destination, such as 06:10:9f:eb:8f:14. Note: Always force lower case on this field and use colons instead of dashes, spaces, or no separator." }, + { + "name": "dvc_ip", + "type": "optional", + "comment": "The ip address of the device." + }, { "name": "dvc_zone", "type": "optional", @@ -164,10 +169,16 @@ "validity": "if(isnum(packets_out),packets_out,null())", "comment": "The total count of packets transmitted by this device/interface." }, + { + "name": "process_id", + "type": "optional", + "comment": "The numeric identifier of the process (PID) or service generating the network traffic." + }, { "name": "protocol", "type": "conditional", "condition": "| where match(src, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\") or match(dest, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\")", + "validity": "case(protocol==\"icmp\" AND transport==\"icmp\",protocol ,protocol==\"ip\" AND (transport==\"tcp\" OR transport==\"udp\"),protocol,true(), null())", "expected_values": ["ip", "icmp"], "comment": "The OSI layer 3 (network) protocol of the traffic observed, in lower case. For example, ip, appletalk, ipx." }, @@ -218,12 +229,12 @@ }, { "name": "ssid", - "type": "not_allowed_in_search", + "type": "optional", "comment": "The 802.11 service set identifier (ssid) assigned to a wireless session." }, { "name": "wifi", - "type": "not_allowed_in_search", + "type": "optional", "comment": "The wireless standard(s) in use, such as 802.11a, 802.11b, 802.11g, or 802.11n." }, { @@ -249,8 +260,13 @@ "comment": "The user that requested the traffic flow." }, { - "name": "vendor_product", + "name": "vendor_account", "type": "optional", + "comment": "The account associated with the network traffic. The account represents the organization, or a Cloud customer or a Cloud account." + }, + { + "name": "vendor_product", + "type": "required", "comment": "The vendor and product of the device generating the network event. This field can be automatically populated by vendor and product fields in your data." }, { @@ -261,21 +277,23 @@ { "name": "transport", "type": "required", + "condition": "", + "validity": "case(protocol==\"icmp\" AND transport==\"icmp\",transport ,protocol==\"ip\" AND (transport==\"tcp\" OR transport==\"udp\"),transport,true(), null())", "expected_values": ["tcp", "udp", "icmp"], "comment": "The OSI layer 4 (transport) protocol of the traffic observed, in lower case." }, { "name": "src_ip", "type": "conditional", - "condition": "src_ip=*", - "validity": "if(match(src_ip, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\"),src_ip,null())", + "condition": "| where match(src, \"(?:(?:::ffff:)|(?:[0-9a-fA-F]{1,4}:){6}ffff:)\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}|(?>([a-f0-9]{1,4})(?>:(?1)){7}|(?!(?:.[a-f0-9](?>:|$)){8,})^((?1)(?>:(?1)){0,6})?::(?2)?(?!(?:.*[a-f0-9](?>:|$))))|(?>(?>(?1)(?>:(?1)){5}:|(?!(?:.*[a-f0-9]:){6,})(?3)?::(?>((?1)(?>:(?1)){0,4}):)?)?(25[0-5]|2[0-4][0-9]|1[0-9]{2}|[1-9]?[0-9])(?>\\.(?4)){3})\")", + "validity": "if((!isnull(src_ip) AND src == src_ip), src_ip, null())", "comment": "The ip address of the source." }, { "name": "src_mac", "type": "conditional", - "condition": "src_mac=*", - "validity": "if(match(src_mac,\"^([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$\"),src_mac,null())", + "condition": "| where match(src,\"^([0-9A-F]{2}[:-]){5}([0-9A-F]{2})$\")", + "validity": "if((!isnull(src_mac) AND src_mac == src), src_mac, null())", "comment": "The source TCP/IP layer 2 Media Access Control (MAC) address of a packet's destination, such as 06:10:9f:eb:8f:14. Note: Always force lower case on this field and use colons instead of dashes, spaces, or no separator." }, { diff --git a/pytest_splunk_addon/data_models/Updates.json b/pytest_splunk_addon/data_models/Updates.json index 7478acb9..ba8e3560 100644 --- a/pytest_splunk_addon/data_models/Updates.json +++ b/pytest_splunk_addon/data_models/Updates.json @@ -42,6 +42,11 @@ ], "comment":"The severity associated with the patch event." }, + { + "name": "severity_id", + "type": "optional", + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." + }, { "name": "signature", "type": "required", @@ -67,7 +72,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment":"The vendor and product of the patch monitoring product, such as Lumension Patch Manager. This field can be automatically populated by vendor and product fields in your data." } ], diff --git a/pytest_splunk_addon/data_models/Vulnerabilities.json b/pytest_splunk_addon/data_models/Vulnerabilities.json index 16bdcc20..96eb322a 100644 --- a/pytest_splunk_addon/data_models/Vulnerabilities.json +++ b/pytest_splunk_addon/data_models/Vulnerabilities.json @@ -69,11 +69,21 @@ ], "comment":"The severity of the vulnerability detection event. Specific values are required." }, + { + "name": "severity_id", + "type": "optional", + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." + }, { "name": "signature", "type": "required", "comment":"The name of the vulnerability detected on the host, such as HPSBMU02785 SSRT100526 rev.2 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS)." }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, { "name": "url", "type": "optional", @@ -86,7 +96,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment":"The vendor and product that detected the vulnerability. This field can be automatically populated by vendor and product fields in your data." }, { diff --git a/pytest_splunk_addon/data_models/Web.json b/pytest_splunk_addon/data_models/Web.json index 05807c28..0aaaf56a 100644 --- a/pytest_splunk_addon/data_models/Web.json +++ b/pytest_splunk_addon/data_models/Web.json @@ -115,6 +115,11 @@ "type": "required", "comment": "The URL of the requested HTTP resource." }, + { + "name": "url_domain", + "type": "required", + "comment": "The domain name contained within the URL of the requested HTTP resource." + }, { "name": "url_length", "type": "optional", @@ -144,6 +149,21 @@ "validity": "if(isnum(bytes_out),bytes_out,null())", "comment": "The number of outbound bytes transferred." }, + { + "name": "http_method", + "type": "required", + "expected_values": [ + "GET", + "PUT", + "POST", + "DELETE", + "HEAD", + "OPTIONS", + "CONNECT", + "TRACE" + ], + "comment": "The HTTP method used in the request." + }, { "name": "http_user_agent", "type": "required", @@ -172,21 +192,6 @@ "type": "optional", "comment": "The content-type of the requested HTTP resource." }, - { - "name": "http_content_type", - "type": "optional", - "expected_values": [ - "GET", - "PUT", - "POST", - "DELETE", - "HEAD", - "OPTIONS", - "CONNECT", - "TRACE" - ], - "comment": "The HTTP method used in the request." - }, { "name": "response_time", "type": "optional", @@ -205,7 +210,7 @@ }, { "name": "vendor_product", - "type": "optional", + "type": "required", "comment": "The vendor and product of the proxy server, such as Squid Proxy Server. This field can be automatically populated by vendor and product fields in your data." }, { @@ -218,6 +223,11 @@ "type": "optional", "comment": "The HTTP referrer used in the request. The W3C specification and many implementations misspell this as http_referer. Use a FIELDALIAS to handle both key names." }, + { + "name": "http_referrer_domain", + "type": "optional", + "comment": "The domain name contained within the HTTP referrer used in the request." + }, { "name": "site", "type": "optional", @@ -232,9 +242,34 @@ "fields": [], "child_dataset": [], "search_constraints": "tag=proxy" + }, + { + "name": "Storage", + "tags": [["storage", "web"]], + "fields_cluster": [], + "fields":[ + { + "name": "error_code", + "type": "optional", + "comment": "The error code that occurred while accessing the storage account" + }, + { + "name": "operation", + "type": "optional", + "comment": "The operation performed on the storage account." + }, + { + "name": "storage_name", + "type": "optional", + "comment": "The name of the bucket or storage account." + } + ], + "child_dataset": [], + "search_constraints": "tag=storage" + } ], "search_constraints": "tag=web" } ] -} +} \ No newline at end of file diff --git a/tests/e2e/constants.py b/tests/e2e/constants.py index ead3981c..5aaa9bad 100644 --- a/tests/e2e/constants.py +++ b/tests/e2e/constants.py @@ -771,6 +771,7 @@ '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::action* PASSED*', '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::app* PASSED*', '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::dest* PASSED*', + '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::src* PASSED*', '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::src_user* PASSED*', '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::user* PASSED*', '*test_splunk_app_req.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Failed_Authentication* PASSED*', @@ -859,12 +860,12 @@ '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::src_port* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::src_translated_ip* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::src_translated_port* PASSED*', - '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::transport* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::Allowed_Traffic* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::Traffic_By_Action* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::action* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::app* PASSED*', + '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::src* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::dest* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::src_user* PASSED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="test_auth"::Authentication::user* PASSED*', @@ -906,7 +907,9 @@ '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::protocol* FAILED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::src* FAILED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::src_zone* FAILED*', + '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::transport* FAILED*', '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::Blocked_Traffic* FAILED*', + '*test_splunk_app_req_broken.py::Test_App::test_cim_required_fields[eventtype="net"::All_Traffic::vendor_product* FAILED*', "*test_splunk_app_req_broken.py::Test_App::test_requirements_fields[sample_name::sample_modinput.xml::host::so13* FAILED*", "*test_splunk_app_req_broken.py::Test_App::test_cim_fields_recommended[Authentication-::sample_name::sample_modinput.xml::host::so11* FAILED*", "*test_splunk_app_req_broken.py::Test_App::test_datamodels[Network_Traffic::sample_name::syslog.xml::host::10.0.0.31* FAILED*", From 6acef89e7017f63930e0aba5c35946c638090e6f Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Mon, 1 Jul 2024 13:34:32 +0000 Subject: [PATCH 17/29] chore(release): 5.3.0-beta.6 # [5.3.0-beta.6](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.5...v5.3.0-beta.6) (2024-07-01) ### Features * add support for CIM v5.3.2 ([#853](https://github.com/splunk/pytest-splunk-addon/issues/853)) ([5e7d1e8](https://github.com/splunk/pytest-splunk-addon/commit/5e7d1e89d1a9712d992f0accc5fd423571126525)) --- NOTICE | 2 +- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/NOTICE b/NOTICE index f88bf2a8..a197e6aa 100644 --- a/NOTICE +++ b/NOTICE @@ -9,7 +9,7 @@ The following 3rd-party software packages may be used by or distributed with pyt Date generated: 2024-7-1 -Revision ID: d68d20da8138a4b879e27a095bc452c4b81e9412 +Revision ID: 5e7d1e89d1a9712d992f0accc5fd423571126525 ================================================================================ ================================================================================ diff --git a/pyproject.toml b/pyproject.toml index 837e05e4..92baabe2 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.5" +version = "5.3.0-beta.6" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 5d21e56e..e3cc4dbd 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.5" +__version__ = "5.3.0-beta.6" From 168b91563f21636a72b334c95c05fa56b59f2a79 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kamil=20K=C4=99dziak?= Date: Wed, 3 Jul 2024 10:04:37 +0200 Subject: [PATCH 18/29] feat: schema changes for LR notes (#862) --- .../sample_generation/schema.xsd | 2 + .../test_data/xmls/lr_incorrect.xml | 44 +++++++++++++++++++ .../test_data/xmls/lr_notes.xml | 43 ++++++++++++++++++ .../test_data/xmls/lr_without_notes.xml | 42 ++++++++++++++++++ .../tests_sample_generation/test_schema.py | 31 +++++++++++++ 5 files changed, 162 insertions(+) create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml create mode 100644 tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py diff --git a/pytest_splunk_addon/sample_generation/schema.xsd b/pytest_splunk_addon/sample_generation/schema.xsd index 85da743a..2d82ee4a 100644 --- a/pytest_splunk_addon/sample_generation/schema.xsd +++ b/pytest_splunk_addon/sample_generation/schema.xsd @@ -83,6 +83,7 @@ + @@ -103,6 +104,7 @@ + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml new file mode 100644 index 00000000..b6de81f0 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_incorrect.xml @@ -0,0 +1,44 @@ + + + Microsoft + Sysmon + + + + HELLO + + + lab, index = * EventCode=19 + + Some event level note!!! + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml new file mode 100644 index 00000000..70169e35 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_notes.xml @@ -0,0 +1,43 @@ + + + Microsoft + Sysmon + + + + + + lab, index = * EventCode=19 + + Some event level note!!! + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml new file mode 100644 index 00000000..9343a6c8 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_data/xmls/lr_without_notes.xml @@ -0,0 +1,42 @@ + + + Microsoft + Sysmon + + + + + + lab, index = * EventCode=19 + + 19341900x8000000000000000114712Microsoft-Windows-Sysmon/Operationalserver1-WmiFilterEvent2023-08-24 08:52:46.443CreatedSERVER1\Administrator "root\\cimv2" "ServiceFilter_creation_for_EventID19" "select Look_ME_UP_eventID19 from __instanceModificationEvent within 5 where targetInstance isa 'non_existent'"]]> + + + Change:Endpoint_Changes + + + + + + + + + + + + + + + + + + command + object + object_attrs + object_id + object_path + result_id + + + + diff --git a/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py b/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py new file mode 100644 index 00000000..5ca87255 --- /dev/null +++ b/tests/unit/tests_standard_lib/tests_sample_generation/test_schema.py @@ -0,0 +1,31 @@ +import os.path + +import pytest +from xmlschema import XMLSchema, XMLSchemaChildrenValidationError + +from pytest_splunk_addon.sample_generation.pytest_splunk_addon_data_parser import ( + SCHEMA_PATH, +) + + +@pytest.fixture +def validator() -> XMLSchema: + return XMLSchema(SCHEMA_PATH) + + +def get_xml(name: str) -> str: + with open(os.path.join(os.path.dirname(__file__), "test_data", "xmls", name)) as fp: + return fp.read() + + +def test_validate_schema(validator): + validator.validate(get_xml("lr_without_notes.xml")) + + +def test_validate_schema_incorrect_event_element(validator): + with pytest.raises(XMLSchemaChildrenValidationError): + validator.validate(get_xml("lr_incorrect.xml")) + + +def test_validate_schema_notes(validator): + validator.validate(get_xml("lr_notes.xml")) From ea2443648309d04140b945f8869408e89bd52537 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 3 Jul 2024 08:32:20 +0000 Subject: [PATCH 19/29] chore(release): 5.3.0-beta.7 # [5.3.0-beta.7](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.6...v5.3.0-beta.7) (2024-07-03) ### Features * schema changes for LR notes ([#862](https://github.com/splunk/pytest-splunk-addon/issues/862)) ([168b915](https://github.com/splunk/pytest-splunk-addon/commit/168b91563f21636a72b334c95c05fa56b59f2a79)) --- NOTICE | 6 +++--- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index a197e6aa..2906997f 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-7-1 +Date generated: 2024-7-3 -Revision ID: 5e7d1e89d1a9712d992f0accc5fd423571126525 +Revision ID: 168b91563f21636a72b334c95c05fa56b59f2a79 ================================================================================ ================================================================================ @@ -5739,4 +5739,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-7-1 +Report Generated by FOSSA on 2024-7-3 diff --git a/pyproject.toml b/pyproject.toml index 92baabe2..92ab244e 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.6" +version = "5.3.0-beta.7" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index e3cc4dbd..f2b32d55 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.6" +__version__ = "5.3.0-beta.7" From a00fc81756ce302d264771452a4ccfd079c39f09 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Wed, 10 Jul 2024 20:21:07 +0530 Subject: [PATCH 20/29] fix: updating url rule (#864) Updated **url** rule so that if only url["path"] or url["query"] is given, just path and query is generated. EG: url["path"] will generate path like: "/random/path" EG: url["query"] will generate query like: "?asd=abs" --- pytest_splunk_addon/sample_generation/rule.py | 5 ++++- tests/e2e/addons/TA_fiction_indextime/default/props.conf | 4 ++++ tests/e2e/constants.py | 5 +++++ 3 files changed, 13 insertions(+), 1 deletion(-) diff --git a/pytest_splunk_addon/sample_generation/rule.py b/pytest_splunk_addon/sample_generation/rule.py index fc768714..8aeb5ac1 100644 --- a/pytest_splunk_addon/sample_generation/rule.py +++ b/pytest_splunk_addon/sample_generation/rule.py @@ -934,6 +934,8 @@ def replace(self, sample, token_count): url = self.fake.url() if bool(set(["full", "path"]).intersection(value_list)): + if value_list == ["path"]: + url = "" url = ( url + "/" @@ -944,8 +946,9 @@ def replace(self, sample, token_count): ] ) ) - if bool(set(["full", "query"]).intersection(value_list)): + if value_list == ["query"]: + url = "" url = url + self.generate_url_query_params() yield self.token_value(*([str(url)] * 2)) else: diff --git a/tests/e2e/addons/TA_fiction_indextime/default/props.conf b/tests/e2e/addons/TA_fiction_indextime/default/props.conf index d0225d57..9cd37397 100644 --- a/tests/e2e/addons/TA_fiction_indextime/default/props.conf +++ b/tests/e2e/addons/TA_fiction_indextime/default/props.conf @@ -12,6 +12,10 @@ FIELDALIAS-write_ops = w_op_s as write_ops EVAL-total_ops = read_ops + write_ops EVAL-vendor_product = if(isnull(vendor_product), "TEST_INDEX_TIME", vendor_product) +[test:indextime:sourcetype_basic] +EVAL-extracted_path = if(match(test_url_path,"^\/.*"), test_url_query, null) +EVAL-extracted_query = if(match(test_url_query,"^\?.*"), test_url_query, null) + [test:indextime:sourcetype:file_all_dependent] TRANSFORMS-sourcetype_file_all_dependent_change_host = sourcetype_file_all_dependent_change_host diff --git a/tests/e2e/constants.py b/tests/e2e/constants.py index 5aaa9bad..0fd69aeb 100644 --- a/tests/e2e/constants.py +++ b/tests/e2e/constants.py @@ -497,6 +497,11 @@ "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype:modinput_host_event_time_plugin::modinput_host_event_time_plugin.samples_2* PASSED*", "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype:user_email_relation_time_plugin::sample_file_two.samples* PASSED*", "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype_basic::sample-file-samples-13* PASSED*", + "*test_splunk_fiction_indextime.py::Test_App::test_props_fields[test:indextime:sourcetype_basic::field::extracted_query* PASSED*", + "*test_splunk_fiction_indextime.py::Test_App::test_props_fields[test:indextime:sourcetype_basic::field::extracted_path* PASSED*", + "*test_splunk_fiction_indextime.py::Test_App::test_props_fields[test:indextime:sourcetype_basic* PASSED*", + "*test_splunk_fiction_indextime.py::Test_App::test_props_fields_no_dash_not_empty[test:indextime:sourcetype_basic::field::extracted_path* PASSED*", + "*test_splunk_fiction_indextime.py::Test_App::test_props_fields_no_dash_not_empty[test:indextime:sourcetype_basic::field::extracted_query* PASSED*", "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype_basic::sample-file-samples-14* PASSED*", "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype_basic::sample-file-samples-15* PASSED*", "*test_splunk_fiction_indextime.py::Test_App::test_indextime_key_fields*test:indextime:sourcetype_basic::sample-file-samples-16* PASSED*", From ee5ef843511f16db2fc5a22ea8480062572573f1 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 10 Jul 2024 15:16:39 +0000 Subject: [PATCH 21/29] chore(release): 5.3.0-beta.8 # [5.3.0-beta.8](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.7...v5.3.0-beta.8) (2024-07-10) ### Bug Fixes * updating url rule ([#864](https://github.com/splunk/pytest-splunk-addon/issues/864)) ([a00fc81](https://github.com/splunk/pytest-splunk-addon/commit/a00fc81756ce302d264771452a4ccfd079c39f09)) --- NOTICE | 6 +++--- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index 2906997f..bf557c79 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-7-3 +Date generated: 2024-7-10 -Revision ID: 168b91563f21636a72b334c95c05fa56b59f2a79 +Revision ID: a00fc81756ce302d264771452a4ccfd079c39f09 ================================================================================ ================================================================================ @@ -5739,4 +5739,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-7-3 +Report Generated by FOSSA on 2024-7-10 diff --git a/pyproject.toml b/pyproject.toml index 92ab244e..e0e14670 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.7" +version = "5.3.0-beta.8" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index f2b32d55..199ef41c 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.7" +__version__ = "5.3.0-beta.8" From 91fd95d1c971c112717a87b7304663b86378299f Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Thu, 11 Jul 2024 13:40:17 +0530 Subject: [PATCH 22/29] feat: adding new data models (#863) Added new data models: - Compute_Inventory - Data_Access - Databases - Event_Signatures - Interprocess Messaging - JVM - Performance - Ticket_Management Updated version in requirement_test_datamodel_tag_constants.py file --- .../data_models/Compute_Inventory.json | 405 +++++++++++++++ .../data_models/Data_Access.json | 192 +++++++ .../data_models/Databases.json | 490 ++++++++++++++++++ .../data_models/Event_Signatures.json | 37 ++ .../data_models/Interprocess Messaging.json | 194 +++++++ pytest_splunk_addon/data_models/JVM.json | 332 ++++++++++++ .../data_models/Performance.json | 314 +++++++++++ .../data_models/Ticket_Management.json | 129 +++++ ...equirement_test_datamodel_tag_constants.py | 2 +- 9 files changed, 2094 insertions(+), 1 deletion(-) create mode 100644 pytest_splunk_addon/data_models/Compute_Inventory.json create mode 100644 pytest_splunk_addon/data_models/Data_Access.json create mode 100644 pytest_splunk_addon/data_models/Databases.json create mode 100644 pytest_splunk_addon/data_models/Event_Signatures.json create mode 100644 pytest_splunk_addon/data_models/Interprocess Messaging.json create mode 100644 pytest_splunk_addon/data_models/JVM.json create mode 100644 pytest_splunk_addon/data_models/Performance.json create mode 100644 pytest_splunk_addon/data_models/Ticket_Management.json diff --git a/pytest_splunk_addon/data_models/Compute_Inventory.json b/pytest_splunk_addon/data_models/Compute_Inventory.json new file mode 100644 index 00000000..a08e5606 --- /dev/null +++ b/pytest_splunk_addon/data_models/Compute_Inventory.json @@ -0,0 +1,405 @@ +{ + "model_name": "Compute_Inventory", + "version": "1.0.0", + "objects": [ + { + "name": "All_Inventory", + "tags": [["inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=inventory (tag=cpu OR tag=memory OR tag=network OR tag=storage OR (tag=system tag=version) OR tag=user OR tag=virtual)", + "fields": [ + { + "name": "dest", + "type": "required", + "comment": "The system where the data originated, the source of the event. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + }, + { + "name": "description", + "type": "optional", + "comment": "The description of the inventory system." + }, + { + "name": "dest_bunit", + "type": "optional", + "comment": "The business unit of the system where the data originated. This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_category", + "type": "optional", + "comment": "The category of the system where the data originated, such as email_server or SOX-compliant. This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "dest_priority", + "type": "optional", + "comment": "The priority of the system where the data originated." + }, + { + "name": "enabled", + "type": "optional", + "comment": "Indicates whether the resource is enabled or disabled." + }, + { + "name": "family", + "type": "optional", + "comment": "The product family of the resource, such as 686_64 or RISC." + }, + { + "name": "hypervisor_id", + "type": "optional", + "comment": "The hypervisor identifier, if applicable." + }, + { + "name": "serial", + "type": "optional", + "comment": "The serial number of the resource." + }, + { + "name": "status", + "type": "optional", + "comment": "The current reported state of the resource." + }, + { + "name": "version", + "type": "optional", + "comment": "The version of a computer resource, such as 2008r2 or 3.0.0." + }, + { + "name": "tag", + "type": "optional", + "comment": "This automatically generated field is used to access tags from within data models. Add-on builders do not need to populate it." + }, + { + "name": "vendor_product", + "type": "required", + "comment": "The vendor and product name of the resource, such as Cisco Catalyst 3850. This field can be automatically populated by vendor and product fields in your data." + } + ], + "child_dataset": [ + { + "name": "CPU", + "tags": [ + ["cpu","inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=cpu", + "fields": [ + { + "name": "cpu_cores", + "type": "required", + "comment": "The number of CPU cores reported by the resource (total, not per CPU)." + }, + { + "name": "cpu_count", + "type": "required", + "comment": "The number of CPUs reported by the resource." + }, + { + "name": "cpu_mhz", + "type": "required", + "comment": "The maximum speed of the CPU reported by the resource (in megahertz)." + } + ], + "child_dataset": [] + }, + { + "name": "Memory", + "tags": [["memory"] + ], + "fields_cluster": [], + "search_constraints": "tag=memory", + "fields": [ + { + "name": "mem", + "type": "required", + "comment": "The total amount of memory installed in or allocated to the resource, in megabytes." + } + ], + "child_dataset": [] + }, + { + "name": "Network", + "tags": [ + ["network", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=network", + "fields": [ + { + "name": "dns", + "type": "required", + "comment": "The domain name server for the resource." + }, + { + "name": "interface", + "type": "required", + "comment": "The network interfaces of the computing resource, such as eth0, eth1 or Wired Ethernet Connection, Teredo Tunneling Pseudo-Interface." + }, + { + "name": "ip", + "type": "required", + "comment": "The network addresses of the computing resource, such as 192.168.1.1 or E80:0000:0000:0000:0202:B3FF:FE1E:8329." + }, + { + "name": "dest_ip", + "type": "optional", + "comment": "The IP address for the system that the data is going to." + }, + { + "name": "src_ip", + "type": "optional", + "comment": "The IP address for the system from which the data originates." + }, + { + "name": "mac", + "type": "required", + "comment": "A MAC (media access control) address associated with the resource, such as 06:10:9f:eb:8f:14. Note: Always force lower case on this field and use colons instead of dashes, spaces, or no separator." + }, + { + "name": "lb_method", + "type": "optional", + "comment": "The load balancing method used by the computing resource such as method, round robin, or least weight." + }, + { + "name": "node", + "type": "optional", + "comment": "Represents a node hit." + }, + { + "name": "inline_nat", + "type": "optional", + "comment": "Identifies whether the resource is a network address translation pool." + }, + { + "name": "vip_port", + "type": "optional", + "comment": "The port number for the virtual IP address (VIP). A VIP allows multiple MACs to use one IP address. VIPs are often used by load balancers." + }, + { + "name": "node_port", + "type": "optional", + "comment": "The number of the destination port on the server that you requested from." + }, + { + "name": "name", + "type": "required", + "comment": "A name field provided in some data sources." + } + ], + "child_dataset": [] + }, + { + "name": "Storage", + "tags": [["storage", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=storage", + "fields": [ + { + "name": "array", + "type": "optional", + "comment": "The array that the storage resource is a member of, if applicable." + }, + { + "name": "blocksize", + "type": "optional", + "comment": "The block size used by the storage resource, in kilobytes." + }, + { + "name": "cluster", + "type": "optional", + "comment": "The index cluster that the resource is a member of, if applicable." + }, + { + "name": "fd_max", + "type": "optional", + "comment": "The maximum number of file descriptors available." + }, + { + "name": "latency", + "type": "optional", + "comment": "The latency reported by the resource, in milliseconds." + }, + { + "name": "mount", + "type": "required", + "comment": "The path at which a storage resource is mounted." + }, + { + "name": "parent", + "type": "optional", + "comment": "A higher level object that this resource is owned by, if applicable." + }, + { + "name": "read_blocks", + "type": "optional", + "comment": "The maximum possible number of blocks read per second during a polling period." + }, + { + "name": "read_latency", + "type": "optional", + "comment": "For a polling period, the average amount of time elapsed until a read request is filled by the host disks (in ms)." + }, + { + "name": "read_ops", + "type": "optional", + "comment": "The total number of read operations in the polling period." + }, + { + "name": "storage", + "type": "required", + "comment": "The amount of storage capacity allocated to the resource, in megabytes." + }, + { + "name": "write_blocks", + "type": "optional", + "comment": "The maximum possible number of blocks written per second during a polling period." + }, + { + "name": "write_latency", + "type": "optional", + "comment": "For a polling period, the average amount of time elapsed until a write request is filled by the host disks (in ms)." + }, + { + "name": "write_ops", + "type": "optional", + "comment": "The total number of write operations in the polling period." + } + ], + "child_dataset": [] + }, + { + "name": "OS", + "tags": [ + ["system", "version", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=system OR tag=version", + "fields": [ + { + "name": "os", + "type": "required", + "comment": "The operating system of the resource, such as Microsoft Windows Server 2008r2. This field is constructed from vendor_product and version fields." + } + ], + "child_dataset": [] + }, + { + "name": "User", + "tags": [ + ["user", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=user", + "fields": [ + { + "name": "shell", + "type": "optional", + "comment": "Indicates the shell program used by a locally defined account." + }, + { + "name": "user_bunit", + "type": "optional", + "comment": "The business unit of the locally-defined user account. This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "user_category", + "type": "optional", + "comment": "The category of the system where the data originated, such as email_server or SOX-compliant. This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "user_id", + "type": "optional", + "comment": "The user identification for a locally defined account." + }, + { + "name": "user_priority", + "type": "optional", + "comment": "The priority of a locally-defined account." + }, + { + "name": "interactive", + "type": "required", + "comment": "Indicates whether a locally defined account on a resource can be interactively logged in." + }, + { + "name": "password", + "type": "required", + "comment": "Displays the stored password(s) for a locally defined account, if it has any. For instance, an add-on may report the password column from \/etc\/passwd in this field" + }, + { + "name": "user", + "type": "required", + "comment": "The full name of a locally defined account." + } + ], + "child_dataset": [ + { + "name": "Cleartext_Passwords", + "tags": [ + ["user", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "password=*", + "fields": [], + "child_dataset": [] + }, + { + "name": "Default_Accounts", + "tags": [ + ["user", "inventory", "default"] + ], + "fields_cluster": [], + "search_constraints": "tag=default", + "fields": [], + "child_dataset": [] + } + ] + }, + { + "name": "Virtual_OS", + "tags": [ + ["virtual", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=virtual", + "fields": [ + { + "name": "hypervisor", + "type": "required", + "comment": "The hypervisor parent of a virtual guest OS." + } + ], + "child_dataset": [ + { + "name": "Snapshot", + "tags": [ + ["snapshot", "virtual", "inventory"] + ], + "fields_cluster": [], + "search_constraints": "tag=snapshot", + "fields": [ + { + "name": "size", + "type": "required", + "comment": "The snapshot file size, in megabytes." + }, + { + "name": "snapshot", + "type": "required", + "comment": "The name of a snapshot file." + }, + { + "name": "time", + "type": "optional", + "comment": "The time at which the snapshot was taken." + } + ], + "child_dataset": [] + } + ] + } + ] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/Data_Access.json b/pytest_splunk_addon/data_models/Data_Access.json new file mode 100644 index 00000000..bb9ddae9 --- /dev/null +++ b/pytest_splunk_addon/data_models/Data_Access.json @@ -0,0 +1,192 @@ +{ + "model_name": "Data_Access", + "version": "1.0.0", + "objects": [ + { + "name": "Data_Access", + "tags": [ + ["data", "access"] + ], + "fields_cluster": [], + "search_constraints": "tag=data tag=access", + "fields": [ + { + "name": "action", + "type": "required", + "comment": "The data access action taken by the user." + }, + { + "name": "app", + "type": "required", + "comment": "he system, service, or application that generated the data access event. Examples include Onedrive, Sharepoint, drive, AzureActiveDirectory." + }, + { + "name": "application_id", + "type": "optional", + "comment": "Application ID of the user" + }, + { + "name": "object", + "type": "required", + "comment": "Resource object name on which the action was performed by a user." + }, + { + "name": "object_attrs", + "type": "required", + "comment": "The attributes that were updated on the updated resource object, if applicable." + }, + { + "name": "object_category", + "type": "required", + "comment": "Generic name for the class of the updated resource object. Expected values may be specific to an app." + }, + { + "name": "object_id", + "type": "required", + "comment": "The unique updated resource object ID as presented to the system, if applicable. For example, a source_folder_id, doc_id." + }, + { + "name": "object_path", + "type": "optional", + "comment": "The path of the modified resource object, if applicable, such as a file, directory, or volume." + }, + { + "name": "object_size", + "type": "required", + "comment": "The size of the modified resource object." + }, + { + "name": "dest", + "type": "required", + "comment": "The destination where the data resides or where it is being accessed, such as the product or application. You can alias this from more specific fields not included in this data model, such as dest_host, dest_ip, dest_url or dest_name." + }, + { + "name": "dest_name", + "type": "optional", + "comment": "Name of the destination as defined by the Vendor." + }, + { + "name": "dest_url", + "type": "optional", + "comment": "Url of the product, application or object." + }, + { + "name": "dvc", + "type": "optional", + "comment": "The device that reported the data access event." + }, + { + "name": "email", + "type": "optional", + "comment": "The email address of the user involved in the event, or who initiated the event." + }, + { + "name": "owner", + "type": "optional", + "comment": "Resource owner." + }, + { + "name": "owner_id", + "type": "optional", + "comment": "ID of the owner as defined by the vendor." + }, + { + "name": "owner_email", + "type": "optional", + "comment": "Email of the resource owner." + }, + { + "name": "parent_object", + "type": "optional", + "comment": "Parent of the object name on which the action was performed by a user." + }, + { + "name": "parent_object_category", + "type": "optional", + "comment": "Object category of the parent object on which action was performed by a user." + }, + { + "name": "parent_object_id", + "type": "optional", + "comment": "Object id of the parent object on which the action was performed by a user." + }, + { + "name": "signature", + "type": "optional", + "comment": "A human-readable signature name." + }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + }, + { + "name": "src", + "type": "required", + "comment": "The endpoint client host." + }, + { + "name": "user_agent", + "type": "optional", + "comment": "The user agent through which the request was made, such as Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) or aws-cli/2.0.0 Python/3.7.4 Darwin/18.7.0 botocore/2.0.0dev4." + }, + { + "name": "user_email", + "type": "optional", + "comment": "The email address of the user involved in the event, or who initiated the event." + }, + { + "name": "user_group", + "type": "optional", + "comment": "The group of the user involved in the event, or who initiated the event." + }, + { + "name": "user_id", + "type": "optional", + "comment": "The unique id of the user involved in the event. For authentication privilege escalation events, this should represent the user targeted by the escalation." + }, + { + "name": "user_name", + "type": "required", + "comment": "The user name of the user or entity performing the change. For account changes, this is the account that was changed (see src_user_name for user or entity performing the change)" + }, + { + "name": "user_role", + "type": "optional", + "comment": "The role of the user involved in the event, or who initiated the event." + }, + { + "name": "user_type", + "type": "optional", + "comment": "The type of the user involved in the event or who initiated the event, such as IAMUser, Admin, or System. For account management events, this should represent the type of the user changed by the request." + }, + { + "name": "vendor_account", + "type": "required", + "comment": "The account that manages the user that initiated the request." + }, + { + "name": "vendor_product_id", + "type": "optional", + "comment": "The vendor and product name ID as defined by the vendor." + }, + { + "name": "vendor_region", + "type": "optional", + "comment": "The data center region where the change occurred, such as us-west-2." + }, + { + "name": "user", + "type": "required", + "comment": "The user involved in the event, or who initiated the event." + }, + { + "name": "vendor_product", + "type": "required", + "comment": "The vendor and product name of the vendor." + } + ], + "child_dataset": [] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/Databases.json b/pytest_splunk_addon/data_models/Databases.json new file mode 100644 index 00000000..00df6911 --- /dev/null +++ b/pytest_splunk_addon/data_models/Databases.json @@ -0,0 +1,490 @@ +{ + "model_name": "Databases", + "version": "1.0.0", + "objects": [ + { + "name": "All_Databases", + "tags": [["database"]], + "fields_cluster": [], + "search_constraints": "tag=database", + "fields": [ + { + "name": "dest", + "type": "optional", + "comment": "The destination of the database event. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + }, + { + "name": "dest_bunit", + "type": "optional", + "comment": "The business unit of the destination." + }, + { + "name": "dest_category", + "type": "optional", + "comment": "The category of the destination." + }, + { + "name": "dest_priority", + "type": "optional", + "comment": "The priority of the destination." + }, + { + "name": "duration", + "type": "optional", + "comment": "The amount of time for the completion of the database event, in seconds." + }, + { + "name": "object", + "type": "optional", + "comment": "The name of the database object." + }, + { + "name": "response_time", + "type": "optional", + "comment": "The amount of time it took to receive a response in the database event, in seconds." + }, + { + "name": "src", + "type": "optional", + "comment": "The source of the database event. You can alias this from more specific fields, such as src_host, src_ip, or src_name." + }, + { + "name": "src_bunit", + "type": "optional", + "comment": "The business unit of the source." + }, + { + "name": "src_category", + "type": "optional", + "comment": "The category of the source." + }, + { + "name": "src_priority", + "type": "optional", + "comment": "The priority of the source." + }, + { + "name": "tag", + "type": "optional", + "comment": "This automatically generated field is used to access tags from within data models. Add-on builders do not need to populate it." + }, + { + "name": "user", + "type": "optional", + "comment": "Name of the database process user." + }, + { + "name": "user_bunit", + "type": "optional", + "comment": "The business unit of the user." + }, + { + "name": "user_category", + "type": "optional", + "comment": "The category associated with the user." + }, + { + "name": "user_priority", + "type": "optional", + "comment": "The priority of the user." + }, + { + "name": "vendor_product", + "type": "optional", + "comment": "The vendor and product name of the database system. This field can be automatically populated by vendor and product fields in your data." + } + ], + "child_dataset": [ + { + "name": "Database_Instance", + "tags": [ + ["instance", "database"] + ], + "search_constraints":"tag=instance", + "fields_cluster":[], + "fields":[ + { + "name": "instance_name", + "type": "optional", + "comment": "The name of the database instance." + }, + { + "name": "instance_version", + "type": "optional", + "comment": "The version of the database instance." + }, + { + "name": "session_limit", + "type": "optional", + "comment": "The maximum number of sessions that the database instance can handle." + }, + { + "name": "process_limit", + "type": "optional", + "comment": "The maximum number of processes that the database instance can handle." + } + ], + "child_dataset": [ + { + "name": "Instance_Stats", + "tags": [ + ["stats", "instance", "database"] + ], + "search_constraints":"tag=stats", + "fields_cluster":[], + "fields":[ + { + "name": "availability", + "type": "optional", + "expected_values": [ + "Available", + "Not Available" + ], + "comment": "The status of the database server." + }, + { + "name": "avg_executions", + "type": "optional", + "comment": "The average number of executions for the database instance." + }, + { + "name": "dump_area_used", + "type": "optional", + "comment": "The amount of the database dump area that has been used." + }, + { + "name": "number_of_users", + "type": "optional", + "comment": "The total number of users for the database instance." + }, + { + "name": "start_time", + "type": "optional", + "comment": "The total amount of uptime for the database instance." + }, + { + "name": "sessions", + "type": "optional", + "comment": "The total number of sessions currently in use for the database instance." + }, + { + "name": "processes", + "type": "optional", + "comment": "The number of processes currently running for the database instance." + }, + { + "name": "tablespace_used", + "type": "optional", + "comment": "The total amount of tablespace used for the database instance, in bytes." + }, + { + "name": "instance_reads", + "type": "optional", + "comment": "The total number of reads for the database instance." + }, + { + "name": "instance_writes", + "type": "optional", + "comment": "The total number of writes for the database instance." + }, + { + "name": "sga_buffer_cache_size", + "type": "optional", + "comment": "The total size of the buffer cache for the database instance, in bytes." + }, + { + "name": "sga_data_dict_hit_ratio", + "type": "optional", + "comment": "The hit-to-miss ratio for the database instance's data dictionary." + }, + { + "name": "sga_buffer_hit_limit", + "type": "optional", + "comment": "The maximum number of buffers that can be hit in the database instance without finding a free buffer." + }, + { + "name": "sga_library_cache_size", + "type": "optional", + "comment": "The total library cache size for the database instance, in bytes." + }, + { + "name": "sga_fixed_area_size", + "type": "optional", + "comment": "The size of the fixed area (also referred to as the fixed SGA) for the database instance, in bytes." + }, + { + "name": "sga_free_memory", + "type": "optional", + "comment": "The total amount of free memory in the database instance SGA, in bytes." + }, + { + "name": "sga_shared_pool_size", + "type": "optional", + "comment": "The total size of the shared pool for this database instance, in bytes." + }, + { + "name": "sga_redo_log_buffer_size", + "type": "optional", + "comment": "The total size of the redo log buffer for the database instance, in bytes." + }, + { + "name": "sga_sql_area_size", + "type": "optional", + "comment": "The total size of the SQL area for this database instance, in bytes." + } + ], + "child_dataset": [] + }, + { + "name": "Session_Info", + "tags": [ + ["session", "database", "database"] + ], + "search_constraints":"tag=session", + "fields_cluster":[], + "fields":[ + { + "name": "session_id", + "type": "optional", + "comment": "The unique id that identifies the session." + }, + { + "name": "session_status", + "type": "optional", + "expected_values": [ + "Online", + "Offline" + ], + "comment": "The current status of the session." + }, + { + "name": "machine", + "type": "optional", + "comment": "The name of the logical host associated with the database instance." + }, + { + "name": "elapsed_time", + "type": "optional", + "comment": "The total amount of time elapsed since the user started the session by logging into the database server, in seconds." + }, + { + "name": "cpu_used", + "type": "optional", + "comment": "The number of CPU centiseconds used by the session. Divide this value by 100 to get the CPU seconds." + }, + { + "name": "memory_sorts", + "type": "optional", + "comment": "The total number of memory sorts performed during the session." + }, + { + "name": "table_scans", + "type": "optional", + "comment": "Number of table scans performed during the session." + }, + { + "name": "physical_reads", + "type": "optional", + "comment": "The total number of physical reads performed during the session." + }, + { + "name": "logical_reads", + "type": "optional", + "comment": "The total number of consistent gets and database block gets performed during the session." + }, + { + "name": "commits", + "type": "optional", + "comment": "The number of commits per second performed by the user associated with the session." + }, + { + "name": "cursor", + "type": "optional", + "comment": "The number of the cursor currently in use by the session." + }, + { + "name": "buffer_cache_hit_ratio", + "type": "optional", + "comment": "The percentage of logical reads from the buffer during the session (1-physical reads\/session logical reads*100)." + }, + { + "name": "wait_state", + "type": "optional", + "expected_values": [ + "WAITING", + "WAITED UNKNOWN", + "WAITED SHORT TIME", + "WAITED KNOWN TIME" + ], + "comment": "Provides the current wait state for the session. Can indicate that the session is currently waiting or provide information about the session's last wait. WAITING indicates the session is currently waiting, WAITED UNKNOWN TIME indicates the duration of the last session wait is unknown, WAITED SHORT TIME indicates the last session wait was < 1\/100th of a second, WAITED KNOWN TIME indicates the wait_time is the duration of the last session wait." + }, + { + "name": "wait_time", + "type": "optional", + "comment": "When wait_time = 0, the session is waiting. When wait_time has a nonzero value, it is displaying the last wait time for the session." + }, + { + "name": "seconds_in_wait", + "type": "optional", + "comment": "The seconds_in_wait depends on the value of wait_time. If wait_time = 0, seconds_in_wait is the number of seconds spent in the current wait condition. If wait_time has a nonzero value, seconds_in_wait is the number of seconds that have elapsed since the start of the last wait. You can get the active seconds that have elapsed since the last wait ended by calculating seconds_in_wait - wait_time \/ 100." + } + ], + "child_dataset": [] + + }, + { + "name": "Lock_Info", + "tags": [ + ["lock", "instance", "database"] + ], + "search_constraints":"tag=lock", + "fields_cluster":[], + "fields":[ + { + "name": "obj_name", + "type": "optional", + "comment": "The name of the locked object." + }, + { + "name": "lock_session_id", + "type": "optional", + "comment": "The session identifier of the locked object." + }, + { + "name": "serial_num", + "type": "optional", + "comment": "The serial number of the object." + }, + { + "name": "lock_mode", + "type": "optional", + "comment": "The mode of the lock on the object." + }, + { + "name": "os_pid", + "type": "optional", + "comment": "The process identifier for the operating system." + }, + { + "name": "last_call_minute", + "type": "optional", + "comment": "Represents the amount of time elapsed since the session_status changed to its current status. The definition of this field depends on the session_status value. If session_status = ONLINE, the last_call_minute value represents the time elapsed since the session became active. If session_status = OFFLINE, the last_call_minute value represents the time elapsed since the session became inactive." + }, + { + "name": "logon_time", + "type": "optional", + "comment": "The database logon time for the session." + } + ], + "child_dataset": [] + } + ] + + }, + { + "name": "Database_Query", + "tags": [ + ["query", "database"] + ], + "search_constraints":"tag=query", + "fields_cluster":[], + "fields":[ + { + "name": "query", + "type": "optional", + "comment": "The full database query." + }, + { + "name": "query_id", + "type": "optional", + "comment": "The identifier for the database query." + }, + { + "name": "query_time", + "type": "optional", + "comment": "The time the system initiated the database query." + }, + { + "name": "records_affected", + "type": "optional", + "comment": "The number of records affected by the database query." + } + ], + "child_dataset": [ + { + "name": "Tablespace", + "tags": [ + ["tablespace", "query", "database"] + ], + "search_constraints":"tag=tablespace", + "fields_cluster":[], + "fields":[ + { + "name": "tablespace_name", + "type": "optional", + "comment": "The name of the tablespace." + }, + { + "name": "tablespace_status", + "type": "optional", + "expected_values": [ + "Offline", + "Online", + "Read Only" + ], + "comment": "The status of the tablespace." + }, + { + "name": "free_bytes", + "type": "optional", + "comment": "The total amount of free space in the tablespace, in bytes." + }, + { + "name": "tablespace_reads", + "type": "optional", + "comment": "The number of tablespace reads carried out by the query." + }, + { + "name": "tablespace_writes", + "type": "optional", + "comment": "The number of tablespace writes carried out by the query." + } + ], + "child_dataset": [] + }, + { + "name": "Query_Stats", + "tags": [["stats", "query", "stats"]], + "search_constraints":"tag=stats", + "fields_cluster":[], + "fields":[ + { + "name": "stored_procedures_called", + "type": "optional", + "comment": "The names of the stored procedures called by the query." + }, + { + "name": "tables_hit", + "type": "optional", + "comment": "The names of the tables hit by the query." + }, + { + "name": "indexes_hit", + "type": "optional", + "comment": "The names of the indexes hit by the database query." + }, + { + "name": "query_plan_hit", + "type": "optional", + "comment": "The name of the query plan hit by the query." + } + ], + "child_dataset": [] + } + ] + + } + ] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/Event_Signatures.json b/pytest_splunk_addon/data_models/Event_Signatures.json new file mode 100644 index 00000000..ef7c70f4 --- /dev/null +++ b/pytest_splunk_addon/data_models/Event_Signatures.json @@ -0,0 +1,37 @@ +{ + "model_name": "Event_Signatures", + "version": "1.0.0", + "objects": [ + { + "name": "Event_Signatures", + "tags": [ + ["track_event_signatures"] + ], + "fields_cluster": [], + "search_constraints": "tag=track_event_signatures (signature=* OR signature_id=*)", + "fields": [ + { + "name": "dest", + "type": "required", + "comment": "System affected by the signature." + }, + { + "name": "signature", + "type": "required", + "comment": "The human readable event name." + }, + { + "name": "signature_id", + "type": "required", + "comment": "The event name identifier (as supplied by the vendor)." + }, + { + "name": "vendor_product", + "type": "optional", + "comment": "The vendor and product name of the technology that reported the event, such as Carbon Black Cb Response. This field can be automatically populated by vendor and product fields in your data." + } + ], + "child_dataset": [] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/Interprocess Messaging.json b/pytest_splunk_addon/data_models/Interprocess Messaging.json new file mode 100644 index 00000000..6f18178e --- /dev/null +++ b/pytest_splunk_addon/data_models/Interprocess Messaging.json @@ -0,0 +1,194 @@ +{ + "model_name": "", + "version": "1.0.0", + "objects": [ + { + "name": "All_Messaging", + "tags": [["messaging"] + ], + "fields_cluster": [], + "search_constraints": "tag=messaging", + "fields": [ + { + "name": "dest", + "type": "optional", + "comment": "The destination of the message. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + }, + { + "name": "dest_bunit", + "type": "optional", + "comment": "The business unit of the destination." + }, + { + "name": "dest_category", + "type": "optional", + "expected_values": [ + "queue", + "topic" + ], + "comment": "The type of message destination." + }, + { + "name": "dest_priority", + "type": "optional", + "comment": "The priority of the destination." + }, + { + "name": "duration", + "type": "optional", + "comment": "The number of seconds from message call to message response. Can be derived by getting the difference between the request_sent_time and the message_received_time." + }, + { + "name": "endpoint", + "type": "optional", + "comment": "The endpoint that the message accessed during the RPC (remote procedure call) transaction." + }, + { + "name": "endpoint_version", + "type": "optional", + "comment": "The version of the endpoint accessed during the RPC (remote procedure call) transaction, such as 1.0 or 1.22." + }, + { + "name": "message", + "type": "optional", + "comment": "A command or reference that an RPC (remote procedure call) reads or responds to." + }, + { + "name": "message_id", + "type": "optional", + "comment": "The message identification." + }, + { + "name": "message_consumed_time", + "type": "optional", + "comment": "The time that the RPC (remote procedure call) read the message and was prepared to take some sort of action." + }, + { + "name": "message_correlation_id", + "type": "optional", + "comment": "The message correlation identification value." + }, + { + "name": "message_delivered_time", + "type": "optional", + "comment": "The time that the message producer sent the message." + }, + { + "name": "message_delivery_mode", + "type": "optional", + "comment": "The message delivery mode. Possible values depend on the type of message-oriented middleware (MOM) solution in use. They can be words like Transient (meaning the message is stored in memory and is lost if the server dies or restarts) or Persistent (meaning the message is stored both in memory and on disk and is preserved if the server dies or restarts). They can also be numbers like 1, 2, and so on." + }, + { + "name": "message_expiration_time", + "type": "optional", + "comment": "The time that the message expired." + }, + { + "name": "message_priority", + "type": "optional", + "comment": "The priority of the message. Important jobs that the message queue should answer no matter what receive a higher message_priority than other jobs, ensuring they are completed before the others." + }, + { + "name": "message_properties", + "type": "optional", + "comment": "An arbitrary list of message properties. The set of properties displayed depends on the message-oriented middleware (MOM) solution that you are using." + }, + { + "name": "message_received_time", + "type": "optional", + "comment": "The time that the message was received by a message-oriented middleware (MOM) solution." + }, + { + "name": "message_redelivered", + "type": "optional", + "comment": "Indicates whether or not the message was redelivered." + }, + { + "name": "message_reply_dest", + "type": "optional", + "comment": "The name of the destination for replies to the message." + }, + { + "name": "message_type", + "type": "optional", + "comment": "The type of message, such as call or reply." + }, + { + "name": "parameters", + "type": "optional", + "comment": "Arguments that have been passed to an endpoint by a REST call or something similar. A sample parameter could be something like foo=bar." + }, + { + "name": "payload", + "type": "optional", + "comment": "The message payload." + }, + { + "name": "payload_type", + "type": "optional", + "comment": "The type of payload in the message. The payload type can be text (such as json, xml, and raw) or binary (such as compressed, object, encrypted, and image)." + }, + { + "name": "request_payload", + "type": "optional", + "comment": "The content of the message request." + }, + { + "name": "request_payload_type", + "type": "optional", + "comment": "The type of payload in the message request. The payload type can be text (such as json, xml, and raw) or binary (such as compressed, object, encrypted, and image)." + }, + { + "name": "request_sent_time", + "type": "optional", + "comment": "The time that the message request was sent." + }, + { + "name": "response_code", + "type": "optional", + "comment": "The response status code sent by the receiving server. Ranges between 200 and 404." + }, + { + "name": "response_payload_type", + "type": "optional", + "comment": "The type of payload in the message response. The payload type can be text (such as json, xml, and raw) or binary (such as compressed, object, encrypted, and image)." + }, + { + "name": "response_received_time", + "type": "optional", + "comment": "The time that the message response was received." + }, + { + "name": "response_time", + "type": "optional", + "comment": "The amount of time it took to receive a response, in seconds." + }, + { + "name": "return_message", + "type": "optional", + "comment": "The response status message sent by the message server." + }, + { + "name": "rpc_protocol", + "type": "optional", + "comment": "The protocol that the message server uses for remote procedure calls (RPC). Possible values include HTTP REST, SOAP, and EJB." + }, + { + "name": "status", + "type": "optional", + "expected_values": [ + "pass", + "fail" + ], + "comment": "The status of the message response." + }, + { + "name": "tag", + "type": "optional", + "comment": "This automatically generated field is used to access tags from within data models. Add-on builders do not need to populate it." + } + ], + "child_dataset": [] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/JVM.json b/pytest_splunk_addon/data_models/JVM.json new file mode 100644 index 00000000..612858f0 --- /dev/null +++ b/pytest_splunk_addon/data_models/JVM.json @@ -0,0 +1,332 @@ +{ + "model_name": "JVM", + "version": "1.0.0", + "objects": [ + { + "name": "Event_Signatures", + "tags": [["jvm"] + ], + "fields_cluster": [], + "search_constraints": "tag=jvm", + "fields": [ + { + "name": "jvm_description", + "type": "optional", + "comment": "A description field provided in some data sources." + }, + { + "name": "tag", + "type": "optional", + "comment": "This automatically generated field is used to access tags from within data models. Add-on builders do not need to populate it." + } + ], + "child_dataset": [ + { + "name": "Threading", + "tags": [ + ["jvm", "threading"] + ], + "fields_cluster": [], + "search_constraints": "tag=threading", + "fields": [ + { + "name": "threads_started", + "type": "optional", + "comment": "The total number of threads started in the JVM." + }, + { + "name": "thread_count", + "type": "optional", + "comment": "The JVM's current thread count." + }, + { + "name": "cpu_time_enabled", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether thread CPU time measurement is enabled." + }, + { + "name": "cm_supported", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether the JVM supports thread contention monitoring." + }, + { + "name": "cm_enabled", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether thread contention monitoring is enabled." + }, + { + "name": "synch_supported", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether the JVM supports monitoring of ownable synchronizer usage." + }, + { + "name": "peak_thread_count", + "type": "optional", + "comment": "The JVM's peak thread count." + }, + { + "name": "omu_supported", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether the JVM supports monitoring of object monitor usage." + }, + { + "name": "daemon_thread_count", + "type": "optional", + "comment": "The JVM's current daemon count." + }, + { + "name": "current_user_time", + "type": "optional", + "comment": "User-space time taken by the JVM, in seconds." + }, + { + "name": "cpu_time_supported", + "type": "optional", + "expected_values": [ + "true", + "false" + ], + "comment": "Indicates whether the Java virtual machine supports CPU time measurement for the current thread." + }, + { + "name": "current_cpu_time", + "type": "optional", + "comment": "CPU-space time taken by the JVM, in seconds." + } + ], + "child_dataset": [] + }, + { + "name": "Runtime", + "tags": [ + ["jvm", "runtime"] + ], + "fields_cluster": [], + "search_constraints": "tag=runtime", + "fields": [ + { + "name": "version", + "type": "optional", + "comment": "Version of the JVM." + }, + { + "name": "uptime", + "type": "optional", + "comment": "Uptime of the JVM process, in seconds." + }, + { + "name": "start_time", + "type": "optional", + "comment": "Start time of the JVM process." + }, + { + "name": "process_name", + "type": "optional", + "comment": "Process name of the JVM process." + }, + { + "name": "vendor_product", + "type": "optional", + "comment": "The JVM product or service. This field can be automatically populated by the the vendor and product fields in your raw data." + } + ], + "child_dataset": [] + }, + { + "name": "OS", + "tags": [ + ["jvm", "os"] + ], + "fields_cluster": [], + "search_constraints": "tag=os", + "fields": [ + { + "name": "os_version", + "type": "optional", + "comment": "OS version that the JVM is running on." + }, + { + "name": "swap_space", + "type": "optional", + "comment": "Swap memory space available to the OS that the JVM is running on, in bytes." + }, + { + "name": "physical_memory", + "type": "optional", + "comment": "Physical memory available to the OS that the JVM is running on, in bytes." + }, + { + "name": "system_load", + "type": "optional", + "comment": "System load of the OS that the JVM is running on." + }, + { + "name": "cpu_time", + "type": "optional", + "comment": "Amount of CPU time taken by the JVM, in seconds." + }, + { + "name": "os", + "type": "optional", + "comment": "OS that the JVM is running on." + }, + { + "name": "open_file_descriptors", + "type": "optional", + "comment": "Number of file descriptors opened by the JVM." + }, + { + "name": "max_file_descriptors", + "type": "optional", + "comment": "Maximum file descriptors available to the JVM." + }, + { + "name": "free_swap", + "type": "optional", + "comment": "Amount of free swap memory remaining to the JVM, in bytes." + }, + { + "name": "free_physical_memory", + "type": "optional", + "comment": "Amount of free physical memory remaining to the JVM, in bytes." + }, + { + "name": "committed_memory", + "type": "optional", + "comment": "Amount of memory committed to the JVM, in bytes." + }, + { + "name": "total_processors", + "type": "optional", + "comment": "Total processor cores available to the OS that the JVM is running on." + }, + { + "name": "os_architecture", + "type": "optional", + "comment": "OS architecture that the JVM is running on." + } + ], + "child_dataset": [] + }, + { + "name": "Compilation", + "tags": [ + ["jvm", "compilation"] + ], + "fields_cluster": [], + "search_constraints": "tag=compilation", + "fields": [ + { + "name": "compilation_time", + "type": "optional", + "comment": "Time taken by JIT compilation, in seconds." + } + ], + "child_dataset": [] + }, + { + "name": "Classloading", + "tags": [ + ["jvm", "classloading"] + ], + "fields_cluster": [], + "search_constraints": "tag=classloading", + "fields": [ + { + "name": "total_loaded", + "type": "optional", + "comment": "The total count of classes loaded in the JVM." + }, + { + "name": "current_loaded", + "type": "optional", + "comment": "The current count of classes loaded in the JVM." + }, + { + "name": "total_unloaded", + "type": "optional", + "comment": "The total count of classes unloaded from the JVM." + } + ], + "child_dataset": [] + }, + { + "name": "Memory", + "tags": [ + ["jvm", "memory"] + ], + "fields_cluster": [], + "search_constraints": "tag=memory", + "fields": [ + { + "name": "non_heap_used", + "type": "optional", + "comment": "Non-heap memory used by the JVM, in bytes." + }, + { + "name": "non_heap_max", + "type": "optional", + "comment": "Maximum amount of non-heap memory used by the JVM, in bytes" + }, + { + "name": "non_heap_initial", + "type": "optional", + "comment": "Initial amount of non-heap memory used by the JVM, in bytes." + }, + { + "name": "non_heap_committed", + "type": "optional", + "comment": "Committed amount of non-heap memory used by the JVM, in bytes." + }, + { + "name": "heap_used", + "type": "optional", + "comment": "Heap memory used by the JVM, in bytes." + }, + { + "name": "heap_max", + "type": "optional", + "comment": "Maximum amount of heap memory used by the JVM, in bytes." + }, + { + "name": "heap_initial", + "type": "optional", + "comment": "Initial amount of heap memory used by the JVM, in bytes." + }, + { + "name": "heap_committed", + "type": "optional", + "comment": "Committed amount of heap memory used by the JVM, in bytes." + }, + { + "name": "objects_pending", + "type": "optional", + "comment": "Number of objects pending in the JVM." + } + ], + "child_dataset": [] + } + ] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/data_models/Performance.json b/pytest_splunk_addon/data_models/Performance.json new file mode 100644 index 00000000..b96c2a26 --- /dev/null +++ b/pytest_splunk_addon/data_models/Performance.json @@ -0,0 +1,314 @@ +{ + "model_name": "Performance", + "version": "1.0.0", + "objects": [ + { + "name": "All_Performance", + "tags": [["performance"]], + "search_constraints": "tag=performance", + "fields_cluster": [], + "fields": [ + { + "name": "dest_should_timesync", + "type": "optional", + "comment": "Indicates whether or not the system where the performance event occurred should time sync. This field is automatically provided by Asset and Identity correlation features of applications like the Splunk App for Enterprise Security." + }, + { + "name": "dest_should_update", + "type": "optional", + "comment": "Indicates whether or not the system where the performance event occurred should update. This field is automatically provided by asset and identity correlation features of applications like Splunk Enterprise Security. Do not define extractions for this field when writing add-ons." + }, + { + "name": "hypervisor_id", + "type": "optional", + "comment": "The ID of the virtualization hypervisor." + }, + { + "name": "resource_type", + "type": "optional", + "comment": "The type of facilities resource involved in the performance event, such as a rack, room, or system." + }, + { + "name": "dest", + "type": "required", + "comment": "The system where the event occurred, usually a facilities resource such as a rack or room. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + } + ], + "child_dataset": [ + { + "name": "CPU", + "tags": [["cpu", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=cpu", + "fields": [ + { + "name": "cpu_load_mhz", + "type": "optional", + "comment": "The amount of CPU load reported by the controller in megahertz." + }, + { + "name": "cpu_load_percent", + "type": "required", + "comment": "The amount of CPU load reported by the controller in percentage points." + }, + { + "name": "cpu_time", + "type": "optional", + "comment": "The number of CPU seconds consumed by processes." + }, + { + "name": "cpu_user_percent", + "type": "optional", + "comment": "Percentage of CPU user time consumed by processes." + } + ], + "child_dataset": [] + }, + { + "name": "Facilities", + "tags": [["facilities", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=facilities", + "fields": [ + { + "name": "temperature", + "type": "required", + "comment": "Average temperature of the facilities resource, in degrees Celsius." + }, + { + "name": "power", + "type": "optional", + "comment": "Amount of power consumed by the facilities resource, in Kw\/h." + }, + { + "name": "fan_speed", + "type": "optional", + "comment": "The speed of the cooling fan in the facilities resource, in rotations per second." + } + ], + "child_dataset": [] + }, + { + "name": "Memory", + "tags": [["memory", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=memory", + "fields": [ + { + "name": "mem", + "type": "required", + "comment": "The total amount of memory capacity reported by the resource, in megabytes." + }, + { + "name": "mem_committed", + "type": "optional", + "comment": "The committed amount of memory reported by the resource, in megabytes." + }, + { + "name": "mem_free", + "type": "required", + "comment": "The free amount of memory reported by the resource, in megabytes." + }, + { + "name": "mem_used", + "type": "required", + "comment": "The used amount of memory reported by the resource, in megabytes." + }, + { + "name": "swap", + "type": "optional", + "comment": "The total swap space size, in megabytes, if applicable." + }, + { + "name": "swap_free", + "type": "optional", + "comment": "The free swap space size, in megabytes, if applicable." + }, + { + "name": "swap_used", + "type": "optional", + "comment": "The used swap space size, in megabytes, if applicable." + } + ], + "child_dataset": [] + }, + { + "name": "Storage", + "tags": [["storage", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=storage", + "fields": [ + { + "name": "array", + "type": "optional", + "comment": "The array that the resource is a member of, if applicable." + }, + { + "name": "blocksize", + "type": "optional", + "comment": "Block size used by the storage resource, in kilobytes." + }, + { + "name": "cluster", + "type": "optional", + "comment": "The cluster that the resource is a member of, if applicable." + }, + { + "name": "fd_max", + "type": "optional", + "comment": "The maximum number of available file descriptors." + }, + { + "name": "fd_used", + "type": "optional", + "comment": "The current number of open file descriptors." + }, + { + "name": "latency", + "type": "optional", + "comment": "The latency reported by the resource, in milliseconds." + }, + { + "name": "mount", + "type": "optional", + "comment": "The mount point of a storage resource." + }, + { + "name": "parent", + "type": "optional", + "comment": "A generic indicator of hierarchy. For instance, a disk event might include the array id here." + }, + { + "name": "read_blocks", + "type": "optional", + "comment": "Number of blocks read." + }, + { + "name": "read_latency", + "type": "optional", + "comment": "The latency of read operations, in milliseconds." + }, + { + "name": "read_ops", + "type": "optional", + "comment": "Number of read operations." + }, + { + "name": "storage", + "type": "optional", + "comment": "The total amount of storage capacity reported by the resource, in megabytes." + }, + { + "name": "storage_free", + "type": "required", + "comment": "The free amount of storage capacity reported by the resource, in megabytes." + }, + { + "name": "storage_free_percent", + "type": "required", + "comment": "The percentage of storage capacity reported by the resource that is free." + }, + { + "name": "storage_used", + "type": "required", + "comment": "The used amount of storage capacity reported by the resource, in megabytes." + }, + { + "name": "storage_used_percent", + "type": "required", + "comment": "The percentage of storage capacity reported by the resource that is used." + }, + { + "name": "write_blocks", + "type": "optional", + "comment": "The number of blocks written by the resource." + }, + { + "name": "write_latency", + "type": "optional", + "comment": "The latency of write operations, in milliseconds." + }, + { + "name": "write_ops", + "type": "optional", + "comment": "The total number of write operations processed by the resource." + } + ], + "child_dataset": [] + }, + { + "name": "Network", + "tags": [["network", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=network", + "fields": [ + { + "name": "thruput", + "type": "required", + "comment": "The current throughput reported by the service, in bytes." + }, + { + "name": "thruput_max", + "type": "optional", + "comment": "The maximum possible throughput reported by the service, in bytes." + } + ], + "child_dataset": [] + }, + { + "name": "OS", + "tags": [["os", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=os", + "fields": [ + { + "name": "signature", + "type": "required", + "comment": "The event description signature, if available." + }, + { + "name": "signature_id", + "type": "optional", + "comment": "The unique identifier or event code of the event signature." + } + ], + "child_dataset": [ + { + "name": "Timesync", + "tags": [["performance", "os", "performance", "synchronize"]], + "fields_cluster": [], + "search_constraints": "tag=synchronize tag=time", + "fields": [ + { + "name": "action", + "type": "required", + "expected_values": [ + "success", + "failure" + ], + "comment": "The result of a time sync event." + } + ], + "child_dataset": [] + }, + { + "name": "Uptime", + "tags": [["uptime", "os", "performance"]], + "fields_cluster": [], + "search_constraints": "tag=uptime", + "fields": [ + { + "name": "uptime", + "type": "required", + "comment": "The uptime of the compute resource, in seconds." + } + ], + "child_dataset": [] + } + ] + } + + ] + } + ] +} diff --git a/pytest_splunk_addon/data_models/Ticket_Management.json b/pytest_splunk_addon/data_models/Ticket_Management.json new file mode 100644 index 00000000..fa809ad7 --- /dev/null +++ b/pytest_splunk_addon/data_models/Ticket_Management.json @@ -0,0 +1,129 @@ + +{ + "model_name": "Ticket_Management", + "version": "1.0.0", + "objects": [ + { + "name": "All_Ticket_Management", + "tags": [["ticketing"]], + "search_constraints": "tag=ticketing", + "fields_cluster": [], + "fields": [ + { + "name": "affect_dest", + "type": "optional", + "comment": "Destinations affected by the service request." + }, + { + "name": "comments", + "type": "optional", + "comment": "Comments about the service request." + }, + { + "name": "description", + "type": "optional", + "comment": "The description of the service request." + }, + { + "name": "priority", + "type": "required", + "comment": "The relative priority of the service request." + }, + { + "name": "severity", + "type": "required", + "comment": "The relative severity of the service request." + }, + { + "name": "severity_id", + "type": "required", + "comment": "The numeric or vendor specific severity indicator corresponding to the event severity." + }, + { + "name": "splunk_id", + "type": "optional", + "comment": "The unique identifier of the service request as it pertains to Splunk. For example, 14DA67E8-6084-4FA8-9568-48D05969C522@@_internal@@0533eff241db0d892509be46cd3126e30e0f6046." + }, + { + "name": "splunk_realm", + "type": "optional", + "comment": "The Splunk application or use case associated with the unique identifier (splunk_id). For example, es_notable." + }, + { + "name": "src_user", + "type": "optional", + "comment": "The user or entity that created or triggered the service request, if applicable." + }, + { + "name": "status", + "type": "required", + "comment": "The relative status of the service request." + }, + { + "name": "time_submitted", + "type": "optional", + "comment": "The time that the src_user submitted the service request." + }, + { + "name": "user", + "type": "optional", + "comment": "The name of the user or entity that is assigned to carry out the service request, if applicable." + }, + { + "name": "dest", + "type": "required", + "comment": "The destination of the service request. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + }, + { + "name": "ticket_id", + "type": "required", + "comment": "An identification name, code, or number for the service request." + } + ], + "child_dataset": [ + { + "name": "Change", + "tags": [["change", "ticketing"]], + "search_constraints": "tag=change", + "fields_cluster": [], + "fields": [ + { + "name": "change", + "type": "optional", + "comment": "Designation for a request for change (RFC) that is raised to modify an IT service to resolve an incident or problem." + } + ], + "child_dataset": [] + }, + { + "name": "Incident", + "tags": [["incident", "ticketing"]], + "search_constraints": "tag=incident", + "fields_cluster": [], + "fields": [ + { + "name": "incident", + "type": "optional", + "comment": "The destination of the service request. You can alias this from more specific fields, such as dest_host, dest_ip, or dest_name." + } + ], + "child_dataset": [] + }, + { + "name": "Problem", + "tags": [["problem", "ticketing"]], + "search_constraints": "tag=problem", + "fields_cluster": [], + "fields": [ + { + "name": "problem", + "type": "optional", + "comment": "When multiple occurrences of related incidents are observed, they are collectively designated with a single problem value. Problem management differs from the process of managing an isolated incident. Often problems are managed by a specific set of staff and through a problem management process." + } + ], + "child_dataset": [] + } + ] + } + ] +} \ No newline at end of file diff --git a/pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py b/pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py index 6cee7b55..f1b66cdf 100644 --- a/pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py +++ b/pytest_splunk_addon/fields_tests/requirement_test_datamodel_tag_constants.py @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. # -# CIM 4.20.2 +# CIM 5.3.2 # Defines tags associated with data models. Used to determine the DM's associated with tags returned by the Splunk # search for eg: 'tag': "['authentication', 'insecure', 'network', 'resolution', 'dns', 'success']" matches # 'Authentication': ['authentication'], 'Authentication_Insecure_Authentication': ['authentication', 'insecure'], From b54ce6af8e5d5aac5ebbdb1f452aac67df02cadc Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Thu, 11 Jul 2024 08:35:28 +0000 Subject: [PATCH 23/29] chore(release): 5.3.0-beta.9 # [5.3.0-beta.9](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.8...v5.3.0-beta.9) (2024-07-11) ### Features * adding new data models ([#863](https://github.com/splunk/pytest-splunk-addon/issues/863)) ([91fd95d](https://github.com/splunk/pytest-splunk-addon/commit/91fd95d1c971c112717a87b7304663b86378299f)) --- NOTICE | 84 ++------------------------------- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 5 insertions(+), 83 deletions(-) diff --git a/NOTICE b/NOTICE index bf557c79..b0aceed6 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-7-10 +Date generated: 2024-7-11 -Revision ID: a00fc81756ce302d264771452a4ccfd079c39f09 +Revision ID: 91fd95d1c971c112717a87b7304663b86378299f ================================================================================ ================================================================================ @@ -50,8 +50,6 @@ No licenses found -------------------------------------------------------------------------------- Package Title: addonfactory-splunk-conf-parser-lib (0.4.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -264,8 +262,6 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: attrs (23.2.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -298,8 +294,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: certifi (2024.6.2) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -331,8 +325,6 @@ one at http://mozilla.org/MPL/2.0/. -------------------------------------------------------------------------------- Package Title: charset-normalizer (3.3.2) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -364,8 +356,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: colorama (0.4.6) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -404,8 +394,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: defusedxml (0.7.1) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -466,8 +454,6 @@ Agreement. -------------------------------------------------------------------------------- Package Title: deprecation (2.1.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -704,8 +690,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: elementpath (4.1.5) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -738,8 +722,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: exceptiongroup (1.2.1) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -855,8 +837,6 @@ Agreement. -------------------------------------------------------------------------------- Package Title: execnet (2.0.2) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -886,8 +866,6 @@ MIT -------------------------------------------------------------------------------- Package Title: Faker (18.13.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -918,8 +896,6 @@ THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: filelock (3.12.2) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -955,8 +931,6 @@ For more information, please refer to -------------------------------------------------------------------------------- Package Title: future (1.0.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1042,8 +1016,6 @@ SECRET LABS AB AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTW -------------------------------------------------------------------------------- Package Title: httplib2 (0.22.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1134,8 +1106,6 @@ You should have received a copy of the GNU General Public License along with thi -------------------------------------------------------------------------------- Package Title: idna (3.7) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1178,8 +1148,6 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: importlib-metadata (6.7.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1393,8 +1361,6 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: importlib-resources (5.12.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1608,8 +1574,6 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: iniconfig (2.0.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1640,8 +1604,6 @@ MIT -------------------------------------------------------------------------------- Package Title: jsonschema (4.17.3) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1691,8 +1653,6 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: junitparser (2.8.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1716,8 +1676,6 @@ Copyright 2020 Joel Wang -------------------------------------------------------------------------------- Package Title: packaging (24.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1789,8 +1747,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pkgutil_resolve_name (1.3.10) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1891,8 +1847,6 @@ PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 -------------------------------------------------------------------------------- Package Title: pluggy (1.2.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1925,8 +1879,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pyparsing (3.1.2) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2004,8 +1956,6 @@ You should have received a copy of the GNU General Public License along with thi -------------------------------------------------------------------------------- Package Title: pyrsistent (0.19.3) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2070,8 +2020,6 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pytest (7.4.4) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2104,8 +2052,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-ordering (0.6) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2134,8 +2080,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-xdist (3.5.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2165,8 +2109,6 @@ MIT -------------------------------------------------------------------------------- Package Title: python-dateutil (2.9.0.post0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2261,8 +2203,6 @@ The above BSD License Applies to all code, even that also covered by Apache 2.0. -------------------------------------------------------------------------------- Package Title: requests (2.31.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2449,8 +2389,6 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: six (1.16.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2480,8 +2418,6 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: splunk-sdk (2.0.1) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2505,8 +2441,6 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: splunksplwrapper (1.1.4) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2719,8 +2653,6 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: tomli (2.0.1) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2753,8 +2685,6 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: typing-extensions (4.7.1) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -3076,8 +3006,6 @@ PERFORMANCE OF THIS SOFTWARE. -------------------------------------------------------------------------------- Package Title: urllib3 (1.26.18) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3129,8 +3057,6 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: xmlschema (2.5.1) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3184,8 +3110,6 @@ The name and trademarks of copyright holders may NOT be used in advertising or p -------------------------------------------------------------------------------- Package Title: xmltodict (0.13.0) - -Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3204,8 +3128,6 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI -------------------------------------------------------------------------------- Package Title: zipp (3.15.0) - -Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -5739,4 +5661,4 @@ No license text available -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-7-10 +Report Generated by FOSSA on 2024-7-11 diff --git a/pyproject.toml b/pyproject.toml index e0e14670..96a5760a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.8" +version = "5.3.0-beta.9" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 199ef41c..d552f792 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.8" +__version__ = "5.3.0-beta.9" From b2f6dc5b09c05a3eef5f7973cbf38c55ca498db3 Mon Sep 17 00:00:00 2001 From: harshilgajera-crest <69803385+harshilgajera-crest@users.noreply.github.com> Date: Wed, 24 Jul 2024 12:53:04 +0530 Subject: [PATCH 24/29] feat: adding CLEAN_KEYS support (#869) Added support for CLEAN_KEYS in Transforms.conf. Added respective e2e test case for the same Impact on Addons: Now if Addons have have field names in transforms report which have non-alphanumeric chars then those chars would be first converted to _ and then tests would be generated as by default in splunk CLEAN_KEYS is set to true, so splunk also does the same thing. Moreover if any report stanza has explicitly set CLEAN_KEYS=false then for those reports field conversion would not happen and tests would be generated as it is. --- .../addon_parser/props_parser.py | 17 ++++++++++++++++- .../fields_tests/test_templates.py | 3 +-- .../addons/TA_broken/default/transforms.conf | 2 +- tests/e2e/addons/TA_fiction/default/props.conf | 3 +++ .../addons/TA_fiction/default/transforms.conf | 17 +++++++++++++++++ tests/e2e/constants.py | 10 ++++++++++ 6 files changed, 48 insertions(+), 4 deletions(-) diff --git a/pytest_splunk_addon/addon_parser/props_parser.py b/pytest_splunk_addon/addon_parser/props_parser.py index a44e831b..816716fd 100644 --- a/pytest_splunk_addon/addon_parser/props_parser.py +++ b/pytest_splunk_addon/addon_parser/props_parser.py @@ -16,7 +16,7 @@ """ Provides props.conf parsing mechanism """ -from typing import Dict +from typing import Dict, List from typing import Generator from typing import Optional import logging @@ -57,6 +57,14 @@ def props(self) -> Optional[Dict]: self._props = self._conf_parser.item_dict() return self._props if self._props else None + def update_field_names(self, field_list: List[str]) -> List[str]: + """ + update field names to remove all the non-alphanumeric chars and replace them with _ + """ + for field in field_list: + field.name = re.sub(r"\W+", "_", field.name) + return field_list + def get_props_fields(self): """ Parse the props.conf and yield all supported fields @@ -82,6 +90,13 @@ def get_props_fields(self): else: for transform_stanza, fields in self._get_report_fields(key, value): field_list = list(fields) + if ( + self.transforms_parser.transforms.get( + transform_stanza, {} + ).get("CLEAN_KEYS") + != "false" + ): + field_list = self.update_field_names(field_list) if field_list: yield { "stanza": stanza_name, diff --git a/pytest_splunk_addon/fields_tests/test_templates.py b/pytest_splunk_addon/fields_tests/test_templates.py index 109ab77a..c16cd11b 100644 --- a/pytest_splunk_addon/fields_tests/test_templates.py +++ b/pytest_splunk_addon/fields_tests/test_templates.py @@ -20,12 +20,11 @@ import pprint import logging import pytest -from ..addon_parser import Field import json from itertools import chain +from ..addon_parser import Field from ..utilities.log_helper import get_table_output from ..utilities.log_helper import format_search_query_log - from .requirement_test_datamodel_tag_constants import dict_datamodel_tag TOP_FIVE_STRUCTURALLY_UNIQUE_EVENTS_QUERY_PART = " | dedup punct | head 5" diff --git a/tests/e2e/addons/TA_broken/default/transforms.conf b/tests/e2e/addons/TA_broken/default/transforms.conf index 0bd3e95c..84b958b1 100644 --- a/tests/e2e/addons/TA_broken/default/transforms.conf +++ b/tests/e2e/addons/TA_broken/default/transforms.conf @@ -48,4 +48,4 @@ case_sensitive_match = false # Expected result: FAIL [broken-NaN_lookup] filename = NaN.csv -case_sensitive_match = false +case_sensitive_match = false \ No newline at end of file diff --git a/tests/e2e/addons/TA_fiction/default/props.conf b/tests/e2e/addons/TA_fiction/default/props.conf index 71836260..22fd7537 100644 --- a/tests/e2e/addons/TA_fiction/default/props.conf +++ b/tests/e2e/addons/TA_fiction/default/props.conf @@ -81,6 +81,9 @@ EXTRACT-fiction-fourteen = (?\d+-\d+-\d+).*in ho REPORT-fiction-tsc-delim-fields = fiction-tsc-delim-fields REPORT-fiction-tsc-sk-regex-format = fiction-tsc-sk-regex-format REPORT-fiction-tsc-sk-delim-format = fiction-tsc-sk-delim-format +REPORT-fiction-tsc-sk-delim-format-with-clean-keys = fiction-tsc-sk-delim-format-with-clean-keys +REPORT-fiction-tsc-non-alphanumeric = fiction-tsc-non-alphanumeric + ## multiple transforms stanza associated with REPORT REPORT-fiction-tsc-regex-format = fiction-tsc-regex, fiction-tsc-regex-format diff --git a/tests/e2e/addons/TA_fiction/default/transforms.conf b/tests/e2e/addons/TA_fiction/default/transforms.conf index 3fcacdab..16ea0259 100644 --- a/tests/e2e/addons/TA_fiction/default/transforms.conf +++ b/tests/e2e/addons/TA_fiction/default/transforms.conf @@ -22,6 +22,23 @@ SOURCE_KEY = event_id DELIMS = "=" FIELDS = server_contact_mode, dest +# Component tested: REPORT, DELIM-FIELDS-SOURCE_KEY +# Scenario:# Similar to the above scenario +## Here as CLEAN_KEYS = false server-contact-mode will be searched as is instead of converting it. +[fiction-tsc-sk-delim-format-with-clean-keys] +CLEAN_KEYS = false +SOURCE_KEY = event_id +DELIMS = "=" +FIELDS = server-contact-mode, dest + +# Component tested: REPORT, DELIM +# Scenario: +## server-contact-mode should be searched as server_contact_mode as CLEAN_KEYS = true by default[fiction-tsc-non-alphanumeric] +[fiction-tsc-non-alphanumeric] +DELIMS = " " +FIELDS = server-contact, dest_1 + + # Component tested: REPORT, REGEX-FORMAT-SOURCE_KEY # Scenario: Source-key with regex and format ## An individual search for SOURCE_KEY and each field extracted in FORMAT and a single search of all the fields with SOURCE_KEY. diff --git a/tests/e2e/constants.py b/tests/e2e/constants.py index 0fd69aeb..2cd7d521 100644 --- a/tests/e2e/constants.py +++ b/tests/e2e/constants.py @@ -64,6 +64,11 @@ "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::dest* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::REPORT-fiction-tsc-regex-format::fiction-tsc-regex* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::REPORT-fiction-tsc-regex-format::fiction-tsc-regex-format* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::REPORT-fiction-tsc-sk-delim-format-with-clean-keys::fiction-tsc-sk-delim-format-with-clean-keys* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::server-contact-mode* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::server_contact* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::dest* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::dest_1* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::size1* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::size2* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields*splunkd::field::myeval* PASSED*", @@ -119,6 +124,11 @@ "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty**/opt/splunk/var/log/splunk/splunkd.log*::field::splunk_server* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty**/opt/splunk/var/log/splunk/splunkd_access.log*::field::splunk_server* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::EXTRACT-fiction-one* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::REPORT-fiction-tsc-sk-delim-format-with-clean-keys::fiction-tsc-sk-delim-format-with-clean-keys* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::server-contact-mode* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::dest* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::dest_1* PASSED*", + "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::server_contact* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::extractone* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::EXTRACT-fiction-two* PASSED*", "*test_splunk_app_fiction.py::Test_App::test_props_fields_no_dash_not_empty*splunkd::field::extracttwoA* PASSED*", From 575c440d4ce2f10fe91a424253baf9d9b5f632d4 Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 24 Jul 2024 07:50:32 +0000 Subject: [PATCH 25/29] chore(release): 5.3.0-beta.10 # [5.3.0-beta.10](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0-beta.9...v5.3.0-beta.10) (2024-07-24) ### Features * adding CLEAN_KEYS support ([#869](https://github.com/splunk/pytest-splunk-addon/issues/869)) ([b2f6dc5](https://github.com/splunk/pytest-splunk-addon/commit/b2f6dc5b09c05a3eef5f7973cbf38c55ca498db3)) --- NOTICE | 672 +++++++++++++++++++++++++++++++- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 671 insertions(+), 5 deletions(-) diff --git a/NOTICE b/NOTICE index b0aceed6..9dc719bd 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-7-11 +Date generated: 2024-7-24 -Revision ID: 91fd95d1c971c112717a87b7304663b86378299f +Revision ID: b2f6dc5b09c05a3eef5f7973cbf38c55ca498db3 ================================================================================ ================================================================================ @@ -5658,7 +5658,673 @@ This formulation of W3C's notice and license became active on August 14 1998 so No license text available +================================================================================ + + Copyrights + +================================================================================ + +BSD Zero Clause License + +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 + +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 + +Copyright (c) i.e., "Copyright (c) + +Copyright (c) + +Copyright (c) 1991 - 1995 Stichting Mathematisch Centrum Amsterdam, +Copyright (C) 2006 by Rob Landley +Permission to use, copy, modify, and/or distribute this software for any purpose with or without fee is hereby granted. +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-------------------------------------------------------------------------------- +Apache License 2.0 + +Copyright (c) 2021 Splunk Inc. + +Copyright (c) 2023 Splunk Inc. + +Copyright (c) 2022 Splunk Inc. + +Copyright (c) yyyy} {name of copyright owner} + +Copyright (c) yyyy} {name of copyright owner} + +Copyright (c) owner} + +Copyright (c) 2011-2024 Splunk, Inc. + +Copyright (c) 2015 Google Inc. All rights reserved. + +Copyright (c) 2007 Google Inc. + +Copyright (c) 2017 Paul Ganssle + +Copyright (c) 2017 dateutil contributors (see AUTHORS file) + +Copyright (c) 2003-2011 Gustavo Niemeyer + +Copyright (c) 2012-2014 Tomi Pieviläinen + +Copyright (c) 2014-2016 Yaron de Leeuw + +Copyright (c) 2015 Paul Ganssle + +Copyright (c) 2015 dateutil contributors (see AUTHORS file) + +Copyright (c) 2020 Joel Wang +Apache License +Version 2.0, January 2004 +http://www.apache.org/licenses/ TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all other entities that control, are controlled by, or are under common control with that entity. For the purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, including but not limited to software source code, documentation source, and configuration files. + + "Object" form shall mean any form resulting from mechanical transformation or translation of a Source form, including but not limited to compiled object code, generated documentation, and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or Object form, made available under the License, as indicated by a copyright notice that is included in or attached to the work (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object form, that is based on (or derived from) the Work and for which the editorial revisions, annotations, elaborations, or other modifications represent, as a whole, an original work of authorship. For the purposes of this License, Derivative Works shall not include works that remain separable from, or merely link (or bind by name) to the interfaces of, the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including the original version of the Work and any modifications or additions to that Work or Derivative Works thereof, that is intentionally submitted to Licensor for inclusion in the Work by the copyright owner or by an individual or Legal Entity authorized to submit on behalf of the copyright owner. For the purposes of this definition, "submitted" means any form of electronic, verbal, or written communication sent to the Licensor or its representatives, including but not limited to communication on electronic mailing lists, source code control systems, and issue tracking systems that are managed by, or on behalf of, the Licensor for the purpose of discussing and improving the Work, but excluding communication that is conspicuously marked or otherwise designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and subsequently incorporated within the Work. + 2. Grant of Copyright License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable copyright license to reproduce, prepare Derivative Works of, publicly display, publicly perform, sublicense, and distribute the Work and such Derivative Works in Source or Object form. + 3. Grant of Patent License. Subject to the terms and conditions of this License, each Contributor hereby grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, irrevocable (except as stated in this section) patent license to make, have made, use, offer to sell, sell, import, and otherwise transfer the Work, where such license applies only to those patent claims licensable by such Contributor that are necessarily infringed by their Contribution(s) alone or by combination of their Contribution(s) with the Work to which such Contribution(s) was submitted. If You institute patent litigation against any entity (including a cross-claim or counterclaim in a lawsuit) alleging that the Work or a Contribution incorporated within the Work constitutes direct or contributory patent infringement, then any patent licenses granted to You under this License for that Work shall terminate as of the date such litigation is filed. + 4. Redistribution. You may reproduce and distribute copies of the Work or Derivative Works thereof in any medium, with or without modifications, and in Source or Object form, provided that You meet the following conditions: + (a) You must give any other recipients of the Work or Derivative Works a copy of this License; and + (b) You must cause any modified files to carry prominent notices stating that You changed the files; and + (c) You must retain, in the Source form of any Derivative Works that You distribute, all copyright, patent, trademark, and attribution notices from the Source form of the Work, excluding those notices that do not pertain to any part of the Derivative Works; and + (d) If the Work includes a "NOTICE" text file as part of its distribution, then any Derivative Works that You distribute must include a readable copy of the attribution notices contained within such NOTICE file, excluding those notices that do not pertain to any part of the Derivative Works, in at least one of the following places: within a NOTICE text file distributed as part of the Derivative Works; within the Source form or documentation, if provided along with the Derivative Works; or, within a display generated by the Derivative Works, if and wherever such third-party notices normally appear. The contents of the NOTICE file are for informational purposes only and do not modify the License. You may add Your own attribution notices within Derivative Works that You distribute, alongside or as an addendum to the NOTICE text from the Work, provided that such additional attribution notices cannot be construed as modifying the License. + You may add Your own copyright statement to Your modifications and may provide additional or different license terms and conditions for use, reproduction, or distribution of Your modifications, or for any such Derivative Works as a whole, provided Your use, reproduction, and distribution of the Work otherwise complies with the conditions stated in this License. + 5. Submission of Contributions. Unless You explicitly state otherwise, any Contribution intentionally submitted for inclusion in the Work by You to the Licensor shall be under the terms and conditions of this License, without any additional terms or conditions. Notwithstanding the above, nothing herein shall supersede or modify the terms of any separate license agreement you may have executed with Licensor regarding such Contributions. + 6. Trademarks. This License does not grant permission to use the trade names, trademarks, service marks, or product names of the Licensor, except as required for reasonable and customary use in describing the origin of the Work and reproducing the content of the NOTICE file. + 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. + 8. Limitation of Liability. In no event and under no legal theory, whether in tort (including negligence), contract, or otherwise, unless required by applicable law (such as deliberate and grossly negligent acts) or agreed to in writing, shall any Contributor be liable to You for damages, including any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or out of the use or inability to use the Work (including but not limited to damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses), even if such Contributor has been advised of the possibility of such damages. + 9. Accepting Warranty or Additional Liability. While redistributing the Work or Derivative Works thereof, You may choose to offer, and charge a fee for, acceptance of support, warranty, indemnity, or other liability obligations and/or rights consistent with this License. However, in accepting such obligations, You may act only on Your own behalf and on Your sole responsibility, not on behalf of any other Contributor, and only if You agree to indemnify, defend, and hold each Contributor harmless for any liability incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. END OF TERMS AND CONDITIONS +APPENDIX: How to apply the Apache License to your work. +To apply the Apache License to your work, attach the following boilerplate notice, with the fields enclosed by brackets "[]" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a file or class name and description of purpose be included on the same "printed page" as the copyright notice for easier identification within third-party archives. +Copyright [yyyy] [name of copyright owner] +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at +http://www.apache.org/licenses/LICENSE-2.0 +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. + +-------------------------------------------------------------------------------- +BSD 2-Clause "Simplified" License + +Copyright (c) Donald Stufft and individual contributors. + +Copyright (c) Donald Stufft and individual contributors. +Copyright (c) +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +-------------------------------------------------------------------------------- +BSD 3-Clause "New" or "Revised" License + +Copyright (c) 2013-2024 Kim Davies and contributors. + +Copyright (c) 2006 Dan-Haim. All rights reserved. + +Copyright (c) 2006 Estrate, the Netherlands + +Copyright (c) 2013 Matthew Rocklin + +Copyright (c) 2017 Paul Ganssle + +Copyright (c) 2010 Jonathan Hartley +Copyright (c) +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright notice, + this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + + 3. Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived from + this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE +FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL +DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR +SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER +CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, +OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +-------------------------------------------------------------------------------- +GNU General Public License v1.0 only + +Copyright (c) 2004-2011 Paul T. McGuire. All rights reserved. +GNU GENERAL PUBLIC LICENSE +Version 1, February 1989 +Copyright (C) 1989 Free Software Foundation, Inc. 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA +Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. +Preamble +The license agreements of most software companies try to keep users at the mercy of those companies. By contrast, our General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. The General Public License applies to the Free Software Foundation's software and to any other program whose authors commit to using it. You can use it for your programs, too. +When we speak of free software, we are referring to freedom, not price. Specifically, the General Public License is designed to make sure that you have the freedom to give away or sell copies of free software, that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. +To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. +For example, if you distribute copies of a such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must tell them their rights. +We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. +Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. +The precise terms and conditions for copying, distribution and modification follow. +GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + + 0. This License Agreement applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any work containing the Program or a portion of it, either verbatim or with modifications. Each licensee is addressed as "you". + + 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this General Public License and to the absence of any warranty; and give any other recipients of the Program a copy of this General Public License along with the Program. You may charge a fee for the physical act of transferring a copy. + + 2. You may modify your copy or copies of the Program or any portion of it, and copy and distribute such modifications under the terms of Paragraph 1 above, provided that you also do the following: + a) cause the modified files to carry prominent notices stating that you changed the files and the date of any change; and + b) cause the whole of any work that you distribute or publish, that in whole or in part contains the Program or any part thereof, either with or without modifications, to be licensed at no charge to all third parties under the terms of this General Public License (except that you may choose to grant warranty protection to some or all third parties, at your option). + c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the simplest and most usual way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this General Public License. + d) You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. + Mere aggregation of another independent work with the Program (or its derivative) on a volume of a storage or distribution medium does not bring the other work under the scope of these terms. + + 3. You may copy and distribute the Program (or a portion or derivative of it, under Paragraph 2) in object code or executable form under the terms of Paragraphs 1 and 2 above provided that you also do one of the following: + a) accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Paragraphs 1 and 2 above; or, + b) accompany it with a written offer, valid for at least three years, to give any third party free (except for a nominal charge for the cost of distribution) a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Paragraphs 1 and 2 above; or, + c) accompany it with the information you received as to where the corresponding source code may be obtained. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form alone.) + Source code for a work means the preferred form of the work for making modifications to it. For an executable file, complete source code means all the source code for all modules it contains; but, as a special exception, it need not include source code for modules which are standard libraries that accompany the operating system on which the executable file runs, or for standard header files or definitions files that accompany that operating system. + + 4. You may not copy, modify, sublicense, distribute or transfer the Program except as expressly provided under this General Public License. Any attempt otherwise to copy, modify, sublicense, distribute or transfer the Program is void, and will automatically terminate your rights to use the Program under this License. However, parties who have received copies, or rights to use copies, from you under this General Public License will not have their licenses terminated so long as such parties remain in full compliance. + + 5. By copying, distributing or modifying the Program (or any work based on the Program) you indicate your acceptance of this license to do so, and all its terms and conditions. + + 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. + + 7. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. + Each version is given a distinguishing version number. If the Program specifies a version number of the license which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of the license, you may choose any version ever published by the Free Software Foundation. + + 8. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. + + NO WARRANTY + 9. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + + 10. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS +Appendix: How to Apply These Terms to Your New Programs +If you develop a new program, and you want it to be of the greatest possible use to humanity, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. +To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. + Copyright (C) 19yy +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 1, or (at your option) any later version. +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +Also add information on how to contact you by electronic and paper mail. +If the program is interactive, make it output a short notice like this when it starts in an interactive mode: +Gnomovision version 69, Copyright (C) 19xx name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. +The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. +You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here a sample; alter the names: +Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (a program to direct compilers to make passes at assemblers) written by James Hacker. +, 1 April 1989 Ty Coon, President of Vice +That's all there is to it! + +-------------------------------------------------------------------------------- +GNU General Public License v2.0 only + +Copyright (c) 2000 Bastian Kleineidam + +Copyright (c) 2006 Stefan Petre +GNU GENERAL PUBLIC LICENSE +Version 2, June 1991 +Copyright (C) 1989, 1991 Free Software Foundation, Inc. +51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 , USA +Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. +Preamble +The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. +When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. +To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. +For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. +We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. +Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. +Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. +The precise terms and conditions for copying, distribution and modification follow. +TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION + 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". + Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. + 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. + You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. + 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: + a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. + b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. + c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) + These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. + Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. + In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. + 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: + a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, + b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, + c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) + The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. + If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. + 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. + 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. + 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. + 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. + If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. + It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. + This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. + 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. + 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. + Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. + 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. + NO WARRANTY + 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. + 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS +How to Apply These Terms to Your New Programs +If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. +To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. +< one line to give the program's name and an idea of what it does. > +Copyright (C) < yyyy > < name of author > +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 , USA. Also add information on how to contact you by electronic and paper mail. +If the program is interactive, make it output a short notice like this when it starts in an interactive mode: +Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. +The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. +You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: +Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. +< signature of Ty Coon > , 1 April 1989 Ty Coon, President of Vice + +-------------------------------------------------------------------------------- +Historical Permission Notice and Disclaimer + +Copyright (c) 2000 by Timothy O'Malley +Historical Permission Notice and Disclaimer + +Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies , and that both that the copyright notice and this permission notice appear in supporting documentation , and that the name of not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission . makes no representations about the suitability of this software for any purpose. It is provided "as is" without express or implied warranty. DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS . IN NO EVENT SHALL BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-------------------------------------------------------------------------------- +MIT License + +Copyright (c) 2012 Martin Blech and individual contributors. + +Copyright (c) 2010-2020 Benjamin Peterson + +Copyright (c) 2012 Daniele Faraglia + +Copyright (c) 2013 Julian Berman + +Copyright (c) 2012 Julian Berman + +Copyright (c) 2013-2024 Python Charmers, Australia + +Copyright (c) 2022 Tobias Gustafsson + +Copyright (c) Jason R. Coombs + +Copyright (c) Jason R. Coombs + +Copyright (c) 2006 by Joe Gregorio + +Copyright (c) 2006 Stefan Petre + +Copyright (c) 2009 by Mark Pilgrim + +Copyright (c) JS Foundation and other contributors + +Copyright (c) 2008-2020 Andrey Petrov and contributors (see CONTRIBUTORS.txt) + +Copyright (c) 2012 Senko Rasic + +Copyright (c) 2015-2016 Will Bond + +Copyright (c) 2019 TAHRI Ahmed R. + +Copyright (c) Ahmed TAHRI @Ousret](https://github.com/Ousret).
+ +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + +-------------------------------------------------------------------------------- +CMU License + +Copyright (c) 1989 by Carnegie Mellon University +Copyright 1989, 1991, 1992 by Carnegie Mellon University +Derivative Work - 1996, 1998-2000 Copyright 1996, 1998-2000 The Regents of the University of California +All Rights Reserved +Permission to use, copy, modify and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of CMU and The Regents of the University of California not be used in advertising or publicity pertaining to distribution of the software without specific written permission. +CMU AND THE REGENTS OF THE UNIVERSITY OF CALIFORNIA DISCLAIM ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL CMU OR THE REGENTS OF THE UNIVERSITY OF CALIFORNIA BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM THE LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-------------------------------------------------------------------------------- +Mozilla Public License 2.0 +Mozilla Public License Version 2.0 + 1. Definitions + 1.1. "Contributor" means each individual or legal entity that creates, contributes to the creation of, or owns Covered Software. + 1.2. "Contributor Version" means the combination of the Contributions of others (if any) used by a Contributor and that particular Contributor's Contribution. + 1.3. "Contribution" means Covered Software of a particular Contributor. + 1.4. "Covered Software" means Source Code Form to which the initial Contributor has attached the notice in Exhibit A, the Executable Form of such Source Code Form, and Modifications of such Source Code Form, in each case including portions thereof. + 1.5. "Incompatible With Secondary Licenses" means + (a) that the initial Contributor has attached the notice described in Exhibit B to the Covered Software; or + (b) that the Covered Software was made available under the terms of version 1.1 or earlier of the License, but not also under the terms of a Secondary License. + 1.6. "Executable Form" means any form of the work other than Source Code Form. + 1.7. "Larger Work" means a work that combines Covered Software with other material, in a separate file or files, that is not Covered Software. + 1.8. "License" means this document. + 1.9. "Licensable" means having the right to grant, to the maximum extent possible, whether at the time of the initial grant or subsequently, any and all of the rights conveyed by this License. + 1.10. "Modifications" means any of the following: + (a) any file in Source Code Form that results from an addition to, deletion from, or modification of the contents of Covered Software; or + (b) any new file in Source Code Form that contains any Covered Software. + 1.11. "Patent Claims" of a Contributor means any patent claim(s), including without limitation, method, process, and apparatus claims, in any patent Licensable by such Contributor that would be infringed, but for the grant of the License, by the making, using, selling, offering for sale, having made, import, or transfer of either its Contributions or its Contributor Version. + 1.12. "Secondary License" means either the GNU General Public License, Version 2.0, the GNU Lesser General Public License, Version 2.1, the GNU Affero General Public License, Version 3.0, or any later versions of those licenses. + 1.13. "Source Code Form" means the form of the work preferred for making modifications. + 1.14. "You" (or "Your") means an individual or a legal entity exercising rights under this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with You. For purposes of this definition, "control" means (a) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (b) ownership of more than fifty percent (50%) of the outstanding shares or beneficial ownership of such entity. + 2. License Grants and Conditions + 2.1. Grants + Each Contributor hereby grants You a world-wide, royalty-free, non-exclusive license: + (a) under intellectual property rights (other than patent or trademark) Licensable by such Contributor to use, reproduce, make available, modify, display, perform, distribute, and otherwise exploit its Contributions, either on an unmodified basis, with Modifications, or as part of a Larger Work; and + (b) under Patent Claims of such Contributor to make, use, sell, offer for sale, have made, import, and otherwise transfer either its Contributions or its Contributor Version. + 2.2. Effective Date + The licenses granted in Section 2.1 with respect to any Contribution become effective for each Contribution on the date the Contributor first distributes such Contribution. + 2.3. Limitations on Grant Scope + The licenses granted in this Section 2 are the only rights granted under this License. No additional rights or licenses will be implied from the distribution or licensing of Covered Software under this License. Notwithstanding Section 2.1(b) above, no patent license is granted by a Contributor: + (a) for any code that a Contributor has removed from Covered Software; or + (b) for infringements caused by: (i) Your and any other third party's modifications of Covered Software, or (ii) the combination of its Contributions with other software (except as part of its Contributor Version); or + (c) under Patent Claims infringed by Covered Software in the absence of its Contributions. + This License does not grant any rights in the trademarks, service marks, or logos of any Contributor (except as may be necessary to comply with the notice requirements in Section 3.4). + 2.4. Subsequent Licenses + No Contributor makes additional grants as a result of Your choice to distribute the Covered Software under a subsequent version of this License (see Section 10.2) or under the terms of a Secondary License (if permitted under the terms of Section 3.3). + 2.5. Representation + Each Contributor represents that the Contributor believes its Contributions are its original creation(s) or it has sufficient rights to grant the rights to its Contributions conveyed by this License. + 2.6. Fair Use + This License is not intended to limit any rights You have under applicable copyright doctrines of fair use, fair dealing, or other equivalents. + 2.7. Conditions + Sections 3.1, 3.2, 3.3, and 3.4 are conditions of the licenses granted in Section 2.1. + 3. Responsibilities + 3.1. Distribution of Source Form + All distribution of Covered Software in Source Code Form, including any Modifications that You create or to which You contribute, must be under the terms of this License. You must inform recipients that the Source Code Form of the Covered Software is governed by the terms of this License, and how they can obtain a copy of this License. You may not attempt to alter or restrict the recipients' rights in the Source Code Form. + 3.2. Distribution of Executable Form + If You distribute Covered Software in Executable Form then: + (a) such Covered Software must also be made available in Source Code Form, as described in Section 3.1, and You must inform recipients of the Executable Form how they can obtain a copy of such Source Code Form by reasonable means in a timely manner, at a charge no more than the cost of distribution to the recipient; and + (b) You may distribute such Executable Form under the terms of this License, or sublicense it under different terms, provided that the license for the Executable Form does not attempt to limit or alter the recipients' rights in the Source Code Form under this License. + 3.3. Distribution of a Larger Work + You may create and distribute a Larger Work under terms of Your choice, provided that You also comply with the requirements of this License for the Covered Software. If the Larger Work is a combination of Covered Software with a work governed by one or more Secondary Licenses, and the Covered Software is not Incompatible With Secondary Licenses, this License permits You to additionally distribute such Covered Software under the terms of such Secondary License(s), so that the recipient of the Larger Work may, at their option, further distribute the Covered Software under the terms of either this License or such Secondary License(s). + 3.4. Notices + You may not remove or alter the substance of any license notices (including copyright notices, patent notices, disclaimers of warranty, or limitations of liability) contained within the Source Code Form of the Covered Software, except that You may alter any license notices to the extent required to remedy known factual inaccuracies. + 3.5. Application of Additional Terms + You may choose to offer, and to charge a fee for, warranty, support, indemnity or liability obligations to one or more recipients of Covered Software. However, You may do so only on Your own behalf, and not on behalf of any Contributor. You must make it absolutely clear that any such warranty, support, indemnity, or liability obligation is offered by You alone, and You hereby agree to indemnify every Contributor for any liability incurred by such Contributor as a result of warranty, support, indemnity or liability terms You offer. You may include additional disclaimers of warranty and limitations of liability specific to any jurisdiction. + 4. Inability to Comply Due to Statute or Regulation + If it is impossible for You to comply with any of the terms of this License with respect to some or all of the Covered Software due to statute, judicial order, or regulation then You must: (a) comply with the terms of this License to the maximum extent possible; and (b) describe the limitations and the code they affect. Such description must be placed in a text file included with all distributions of the Covered Software under this License. Except to the extent prohibited by statute or regulation, such description must be sufficiently detailed for a recipient of ordinary skill to be able to understand it. + 5. Termination + 5.1. The rights granted under this License will terminate automatically if You fail to comply with any of its terms. However, if You become compliant, then the rights granted under this License from a particular Contributor are reinstated (a) provisionally, unless and until such Contributor explicitly and finally terminates Your grants, and (b) on an ongoing basis, if such Contributor fails to notify You of the non-compliance by some reasonable means prior to 60 days after You have come back into compliance. Moreover, Your grants from a particular Contributor are reinstated on an ongoing basis if such Contributor notifies You of the non-compliance by some reasonable means, this is the first time You have received notice of non-compliance with this License from such Contributor, and You become compliant prior to 30 days after Your receipt of the notice. + 5.2. If You initiate litigation against any entity by asserting a patent infringement claim (excluding declaratory judgment actions, counter-claims, and cross-claims) alleging that a Contributor Version directly or indirectly infringes any patent, then the rights granted to You by any and all Contributors for the Covered Software under Section 2.1 of this License shall terminate. + 5.3. In the event of termination under Sections 5.1 or 5.2 above, all end user license agreements (excluding distributors and resellers) which have been validly granted by You or Your distributors under this License prior to termination shall survive termination. + 6. Disclaimer of Warranty + Covered Software is provided under this License on an "as is" basis, without warranty of any kind, either expressed, implied, or statutory, including, without limitation, warranties that the Covered Software is free of defects, merchantable, fit for a particular purpose or non-infringing. The entire risk as to the quality and performance of the Covered Software is with You. Should any Covered Software prove defective in any respect, You (not any Contributor) assume the cost of any necessary servicing, repair, or correction. This disclaimer of warranty constitutes an essential part of this License. No use of any Covered Software is authorized under this License except under this disclaimer. + 7. Limitation of Liability + Under no circumstances and under no legal theory, whether tort (including negligence), contract, or otherwise, shall any Contributor, or anyone who distributes Covered Software as permitted above, be liable to You for any direct, indirect, special, incidental, or consequential damages of any character including, without limitation, damages for lost profits, loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses, even if such party shall have been informed of the possibility of such damages. This limitation of liability shall not apply to liability for death or personal injury resulting from such party's negligence to the extent applicable law prohibits such limitation. Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages, so this exclusion and limitation may not apply to You. + 8. Litigation + Any litigation relating to this License may be brought only in the courts of a jurisdiction where the defendant maintains its principal place of business and such litigation shall be governed by laws of that jurisdiction, without reference to its conflict-of-law provisions. Nothing in this Section shall prevent a party's ability to bring cross-claims or counter-claims. + 9. Miscellaneous + This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. Any law or regulation which provides that the language of a contract shall be construed against the drafter shall not be used to construe this License against a Contributor. + 10. Versions of the License + 10.1. New Versions + Mozilla Foundation is the license steward. Except as provided in Section 10.3, no one other than the license steward has the right to modify or publish new versions of this License. Each version will be given a distinguishing version number. + 10.2. Effect of New Versions + You may distribute the Covered Software under the terms of the version of the License under which You originally received the Covered Software, or under the terms of any subsequent version published by the license steward. + 10.3. Modified Versions + If you create software not governed by this License, and you want to create a new license for such software, you may create and use a modified version of this License if you rename the license and remove any references to the name of the license steward (except to note that such modified license differs from this License). + 10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses + If You choose to distribute Source Code Form that is Incompatible With Secondary Licenses under the terms of this version of the License, the notice described in Exhibit B of this License must be attached. Exhibit A - Source Code Form License Notice +This Source Code Form is subject to the terms of the Mozilla Public License, v. 2.0. If a copy of the MPL was not distributed with this file, You can obtain one at http://mozilla.org/MPL/2.0/. +If it is not possible or desirable to put the notice in a particular file, then You may include the notice in a location (such as a LICENSE file in a relevant directory) where a recipient would be likely to look for such a notice. +You may add additional accurate notices of copyright ownership. +Exhibit B - "Incompatible With Secondary Licenses" Notice +This Source Code Form is "Incompatible With Secondary Licenses", as defined by the Mozilla Public License, v. 2.0. + +-------------------------------------------------------------------------------- +PIL Software License + +Copyright (c) 1999-2002 by Secret Labs AB. + +Copyright (c) 1999-2002 by Fredrik Lundh. + +Copyright (c) 1999-2002 by Secret Labs AB + +Copyright (c) 1999-2002 by Fredrik Lundh +By obtaining, using, and/or copying this software and/or its associated documentation, you agree that you have read, understood, and will comply with the following terms and conditions: + +Permission to use, copy, modify, and distribute this software and its associated documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appears in all copies, and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Secret Labs AB or the author not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. + +SECRET LABS AB AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL SECRET LABS AB OR THE AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-------------------------------------------------------------------------------- +Python Software License Agreement 2.0 + +Copyright (c) 2020 Thomas Grainger. + +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 + + 1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. + 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. + 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. + +-------------------------------------------------------------------------------- +Python License 2.0 + +Copyright (c) i.e., "Copyright (c) + +Copyright (c) i.e., "Copyright (c) + +Copyright (c) + +Copyright (c) 2022 Alex Grönholm + +Copyright (c) 2000 Bastian Kleineidam + +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 + +Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 +PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 + 1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. + 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. + 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. BEOPEN.COM LICENSE AGREEMENT FOR PYTHON 2.0 +BEOPEN PYTHON OPEN SOURCE LICENSE AGREEMENT VERSION 1 + 1. This LICENSE AGREEMENT is between BeOpen.com ("BeOpen"), having an office at 160 Saratoga Avenue, Santa Clara, CA 95051, and the Individual or Organization ("Licensee") accessing and otherwise using this software in source or binary form and its associated documentation ("the Software"). + 2. Subject to the terms and conditions of this BeOpen Python License Agreement, BeOpen hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use the Software alone or in any derivative version, provided, however, that the BeOpen Python License is retained in the Software, alone or in any derivative version prepared by Licensee. + 3. BeOpen is making the Software available to Licensee on an "AS IS" basis. BEOPEN MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, BEOPEN MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 4. BEOPEN SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THE SOFTWARE, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 5. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 6. This License Agreement shall be governed by and interpreted in all respects by the law of the State of California, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between BeOpen and Licensee. This License Agreement does not grant permission to use BeOpen trademarks or trade names in a trademark sense to endorse or promote products or services of Licensee, or any third party. As an exception, the "BeOpen Python" logos available at http://www.pythonlabs.com/logos.html may be used according to the permissions granted on that web page. + 7. By copying, installing or otherwise using the software, Licensee agrees to be bound by the terms and conditions of this License Agreement. CNRI OPEN SOURCE LICENSE AGREEMENT (for Python 1.6b1) IMPORTANT: PLEASE READ THE FOLLOWING AGREEMENT CAREFULLY. +BY CLICKING ON "ACCEPT" WHERE INDICATED BELOW, OR BY COPYING, INSTALLING OR OTHERWISE USING PYTHON 1.6, beta 1 SOFTWARE, YOU ARE DEEMED TO HAVE AGREED TO THE TERMS AND CONDITIONS OF THIS LICENSE AGREEMENT. + 1. This LICENSE AGREEMENT is between the Corporation for National Research Initiatives, having an office at 1895 Preston White Drive, Reston, VA 20191 ("CNRI"), and the Individual or Organization ("Licensee") accessing and otherwise using Python 1.6, beta 1 software in source or binary form and its associated documentation, as released at the www.python.org Internet site on August 4, 2000 ("Python 1.6b1"). + 2. Subject to the terms and conditions of this License Agreement, CNRI hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python 1.6b1 alone or in any derivative version, provided, however, that CNRIs License Agreement is retained in Python 1.6b1, alone or in any derivative version prepared by Licensee. + Alternately, in lieu of CNRIs License Agreement, Licensee may substitute the following text (omitting the quotes): "Python 1.6, beta 1, is made available subject to the terms and conditions in CNRIs License Agreement. This Agreement may be located on the Internet using the following unique, persistent identifier (known as a handle): 1895.22/1011. This Agreement may also be obtained from a proxy server on the Internet using the URL:http://hdl.handle.net/1895.22/1011". + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python 1.6b1 or any part thereof, and wants to make the derivative work available to the public as provided herein, then Licensee hereby agrees to indicate in any such work the nature of the modifications made to Python 1.6b1. + 4. CNRI is making Python 1.6b1 available to Licensee on an "AS IS" basis. CNRI MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, CNRI MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON 1.6b1 WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. CNRI SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING PYTHON 1.6b1, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. This License Agreement shall be governed by and interpreted in all respects by the law of the State of Virginia, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between CNRI and Licensee. This License Agreement does not grant permission to use CNRI trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By clicking on the "ACCEPT" button where indicated, or by copying, installing or otherwise using Python 1.6b1, Licensee agrees to be bound by the terms and conditions of this License Agreement. ACCEPT CWI LICENSE AGREEMENT FOR PYTHON 0.9.0 THROUGH 1.2 +Copyright (c) 1991 - 1995, Stichting Mathematisch Centrum Amsterdam, The Netherlands. All rights reserved. +Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Stichting Mathematisch Centrum or CWI not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +STICHTING MATHEMATISCH CENTRUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL STICHTING MATHEMATISCH CENTRUM BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +-------------------------------------------------------------------------------- +The Unlicense + +Copyright (c) interest in the + +Copyright (c) interest in the +This is free and unencumbered software released into the public domain. +Anyone is free to copy, modify, publish, use, compile, sell, or distribute this software, either in source code form or as a compiled binary, for any purpose, commercial or non-commercial, and by any means. +In jurisdictions that recognize copyright laws, the author or authors of this software dedicate any and all copyright interest in the software to the public domain. We make this dedication for the benefit of the public at large and to the detriment of our heirs and +successors. We intend this dedication to be an overt act of relinquishment in perpetuity of all present and future rights to this software under copyright law. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +For more information, please refer to + +-------------------------------------------------------------------------------- +W3C Software Notice and License (2002-12-31) + +Copyright (c) 2011 World Wide Web Consortium + +Copyright (c) software-20021231 +W3C SOFTWARE NOTICE AND LICENSE +This work (and included software, documentation such as READMEs, or other related items) is being provided by the copyright holders under the following license. +License +By obtaining, using and/or copying this work, you (the licensee) agree that you have read, understood, and will comply with the following terms and conditions. +Permission to copy, modify, and distribute this software and its documentation, with or without modification, for any purpose and without fee or royalty is hereby granted, provided that you include the following on ALL copies of the software and documentation or portions thereof, including modifications: +The full text of this NOTICE in a location viewable to users of the redistributed or derivative work. +Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, the W3C Software Short Notice should be included (hypertext is preferred, text is permitted) within the body of any redistributed or derivative code. +Notice of any changes or modifications to the files, including the date changes were made. (We recommend you provide URIs to the location from which the code is derived.) +Disclaimers +THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS. +COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR DOCUMENTATION. +The name and trademarks of copyright holders may NOT be used in advertising or publicity pertaining to the software without specific, written prior permission. Title to copyright in this software and any associated documentation will at all times remain with copyright holders. Notes +This version: http://www.w3.org/Consortium/Legal/2002/copyright-software-20021231 +This formulation of W3C's notice and license became active on December 31 2002. This version removes the copyright ownership notice such that this license can be used with materials other than those owned by the W3C, reflects that ERCIM is now a host of the W3C, includes references to this specific dated version of the license, and removes the ambiguous grant of "use". Otherwise, this version is the same as the previous version and is written so as to preserve the Free Software Foundation's assessment of GPL compatibility and OSI's certification under the Open Source Definition. + +-------------------------------------------------------------------------------- +W3C Software Notice and License (1998-07-20) + +Copyright (c) 2001 The Internet Society and W3C (Massachusetts Institute + +Copyright (c) software-19980720 + +Copyright (c) 2001 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/" +W3C® SOFTWARE NOTICE AND LICENSE +Copyright (c) 1994-2002 World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/ +This W3C work (including software, documents, or other related items) is being provided by the copyright holders under the following license. By obtaining, using and/or copying this work, you (the licensee) agree that you have read, understood, and will comply with the following terms and conditions: +Permission to use, copy, modify, and distribute this software and its documentation, with or without modification, for any purpose and without fee or royalty is hereby granted, provided that you include the following on ALL copies of the software and documentation or portions thereof, including modifications, that you make: + 1. The full text of this NOTICE in a location viewable to users of the redistributed or derivative work. + 2. Any pre-existing intellectual property disclaimers, notices, or terms and conditions. If none exist, a short notice of the following form (hypertext is preferred, text is permitted) should be used within the body of any redistributed or derivative code: "Copyright © [$date-of-software] World Wide Web Consortium, (Massachusetts Institute of Technology, Institut National de Recherche en Informatique et en Automatique, Keio University). All Rights Reserved. http://www.w3.org/Consortium/Legal/" + 3. Notice of any changes or modifications to the W3C files, including the date changes were made. (We recommend you provide URIs to the location from which the code is derived.) +THIS SOFTWARE AND DOCUMENTATION IS PROVIDED "AS IS," AND COPYRIGHT HOLDERS MAKE NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO, WARRANTIES OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE OR DOCUMENTATION WILL NOT INFRINGE ANY THIRD PARTY PATENTS, COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS. +COPYRIGHT HOLDERS WILL NOT BE LIABLE FOR ANY DIRECT, INDIRECT, SPECIAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF ANY USE OF THE SOFTWARE OR DOCUMENTATION. +The name and trademarks of copyright holders may NOT be used in advertising or publicity pertaining to the software without specific, written prior permission. Title to copyright in this software and any associated documentation will at all times remain with copyright holders. ____________________________________ +This formulation of W3C's notice and license became active on August 14 1998 so as to improve compatibility with GPL. This version ensures that W3C software licensing terms are no more restrictive than GPL and consequently W3C software may be distributed in GPL packages. See the older formulation for the policy prior to this date. Please see our Copyright FAQ for common questions about using materials from our site, including specific terms and conditions for packages like libwww, Amaya, and Jigsaw. Other questions about this notice can be directed to site-policy@w3.org. + +-------------------------------------------------------------------------------- +Public Domain + +-------------------------------------------------------------------------------- + -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-7-11 +Report Generated by FOSSA on 2024-7-24 diff --git a/pyproject.toml b/pyproject.toml index 96a5760a..cb65663d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0-beta.9" +version = "5.3.0-beta.10" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index d552f792..2167aa03 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0-beta.9" +__version__ = "5.3.0-beta.10" From 5f188c4469fa2265448dc845ba034e0beeae482f Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 14 Aug 2024 06:19:27 +0000 Subject: [PATCH 26/29] chore(release): 5.4.0-beta.1 # [5.4.0-beta.1](https://github.com/splunk/pytest-splunk-addon/compare/v5.3.0...v5.4.0-beta.1) (2024-08-14) ### Bug Fixes * do not log .conf parser warnings from all workers ([#845](https://github.com/splunk/pytest-splunk-addon/issues/845)) ([8d4fb44](https://github.com/splunk/pytest-splunk-addon/commit/8d4fb445c7159fd9d9e9ec2783dc246e6bc260dd)) * updating src and dest fields ([#846](https://github.com/splunk/pytest-splunk-addon/issues/846)) ([a143c49](https://github.com/splunk/pytest-splunk-addon/commit/a143c4935d41521bc4016c90310620777f3b5f09)) * updating url rule ([#864](https://github.com/splunk/pytest-splunk-addon/issues/864)) ([a00fc81](https://github.com/splunk/pytest-splunk-addon/commit/a00fc81756ce302d264771452a4ccfd079c39f09)) ### Features * add support for CIM v5.3.2 ([#853](https://github.com/splunk/pytest-splunk-addon/issues/853)) ([5e7d1e8](https://github.com/splunk/pytest-splunk-addon/commit/5e7d1e89d1a9712d992f0accc5fd423571126525)) * adding CLEAN_KEYS support ([#869](https://github.com/splunk/pytest-splunk-addon/issues/869)) ([b2f6dc5](https://github.com/splunk/pytest-splunk-addon/commit/b2f6dc5b09c05a3eef5f7973cbf38c55ca498db3)) * adding new data models ([#863](https://github.com/splunk/pytest-splunk-addon/issues/863)) ([91fd95d](https://github.com/splunk/pytest-splunk-addon/commit/91fd95d1c971c112717a87b7304663b86378299f)) * schema changes for LR notes ([#857](https://github.com/splunk/pytest-splunk-addon/issues/857)) ([89fd96e](https://github.com/splunk/pytest-splunk-addon/commit/89fd96e9ad74014aa51dfb0431e75933d4ddd02e)) * schema changes for LR notes ([#862](https://github.com/splunk/pytest-splunk-addon/issues/862)) ([168b915](https://github.com/splunk/pytest-splunk-addon/commit/168b91563f21636a72b334c95c05fa56b59f2a79)) * updating cim model definitions ([#856](https://github.com/splunk/pytest-splunk-addon/issues/856)) ([1157ab9](https://github.com/splunk/pytest-splunk-addon/commit/1157ab9c62c584ba31bd92b1951fee73551b503b)) * updating network resolution data model ([#840](https://github.com/splunk/pytest-splunk-addon/issues/840)) ([b851bb9](https://github.com/splunk/pytest-splunk-addon/commit/b851bb9abfc24eb2565d7f3142ff821dd49c01df)) * updating network resolution model ([#844](https://github.com/splunk/pytest-splunk-addon/issues/844)) ([3859725](https://github.com/splunk/pytest-splunk-addon/commit/38597255fc669a35e79265e4f6dc6bc738199844)) --- NOTICE | 100 ++++++++++++++++++++++++++++---- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 91 insertions(+), 13 deletions(-) diff --git a/NOTICE b/NOTICE index ddcb961f..3ba44af0 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-8-7 +Date generated: 2024-8-14 -Revision ID: ec9101152540485a3cc7b35fbea07c1ea7a5e06d +Revision ID: c8510f34eaf0c68fb99423dcbb71df64628937c9 ================================================================================ ================================================================================ @@ -50,6 +50,8 @@ No licenses found -------------------------------------------------------------------------------- Package Title: addonfactory-splunk-conf-parser-lib (0.4.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -262,6 +264,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: attrs (23.2.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -294,6 +298,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: certifi (2024.6.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -325,6 +331,8 @@ one at http://mozilla.org/MPL/2.0/. -------------------------------------------------------------------------------- Package Title: charset-normalizer (3.3.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -356,6 +364,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: colorama (0.4.6) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -394,6 +404,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: defusedxml (0.7.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -454,6 +466,8 @@ Agreement. -------------------------------------------------------------------------------- Package Title: deprecation (2.1.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -690,6 +704,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: elementpath (4.1.5) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -722,6 +738,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: exceptiongroup (1.2.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -837,6 +855,8 @@ Agreement. -------------------------------------------------------------------------------- Package Title: execnet (2.0.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -866,6 +886,8 @@ MIT -------------------------------------------------------------------------------- Package Title: Faker (18.13.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -896,6 +918,8 @@ THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: filelock (3.12.2) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -931,6 +955,8 @@ For more information, please refer to -------------------------------------------------------------------------------- Package Title: future (1.0.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1016,6 +1042,8 @@ SECRET LABS AB AND THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTW -------------------------------------------------------------------------------- Package Title: httplib2 (0.22.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1049,7 +1077,7 @@ SOFTWARE. * Other Licenses * -Apache-2.0, BSD-3-Clause, GPL-2.0-only +Apache-2.0, GPL-2.0-only, BSD-3-Clause * Apache-2.0 * @@ -1067,6 +1095,13 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. +* GPL-2.0-only * + +Copyright (C) 2006 Stefan Petre +This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2. +This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. +You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + * BSD-3-Clause * Copyright (c) 2006 Dan-Haim. All rights reserved. . All rights reserved. @@ -1096,16 +1131,11 @@ CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -* GPL-2.0-only * - -Copyright (C) 2006 Stefan Petre -This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; version 2. -This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. -You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -------------------------------------------------------------------------------- Package Title: idna (3.7) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1148,6 +1178,8 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: importlib-metadata (6.7.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1361,6 +1393,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: importlib-resources (5.12.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1574,6 +1608,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: iniconfig (2.0.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1604,6 +1640,8 @@ MIT -------------------------------------------------------------------------------- Package Title: jsonschema (4.17.3) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1653,6 +1691,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: junitparser (2.8.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -1676,6 +1716,8 @@ Copyright 2020 Joel Wang -------------------------------------------------------------------------------- Package Title: packaging (24.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1747,6 +1789,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pkgutil_resolve_name (1.3.10) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1847,6 +1891,8 @@ PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 -------------------------------------------------------------------------------- Package Title: pluggy (1.2.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1879,6 +1925,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pyparsing (3.1.2) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -1956,6 +2004,8 @@ You should have received a copy of the GNU General Public License along with thi -------------------------------------------------------------------------------- Package Title: pyrsistent (0.19.3) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2020,6 +2070,8 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -------------------------------------------------------------------------------- Package Title: pytest (7.4.4) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2052,6 +2104,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-ordering (0.6) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2080,6 +2134,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: pytest-xdist (3.5.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2109,6 +2165,8 @@ MIT -------------------------------------------------------------------------------- Package Title: python-dateutil (2.9.0.post0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2203,6 +2261,8 @@ The above BSD License Applies to all code, even that also covered by Apache 2.0. -------------------------------------------------------------------------------- Package Title: requests (2.31.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2389,6 +2449,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: six (1.16.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2418,6 +2480,8 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. -------------------------------------------------------------------------------- Package Title: splunk-sdk (2.0.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2441,6 +2505,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: splunksplwrapper (1.1.4) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -2653,6 +2719,8 @@ Apache-2.0 -------------------------------------------------------------------------------- Package Title: tomli (2.0.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -2685,6 +2753,8 @@ SOFTWARE. -------------------------------------------------------------------------------- Package Title: typing-extensions (4.7.1) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -3006,6 +3076,8 @@ PERFORMANCE OF THIS SOFTWARE. -------------------------------------------------------------------------------- Package Title: urllib3 (1.26.19) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3057,6 +3129,8 @@ See the License for the specific language governing permissions and limitations -------------------------------------------------------------------------------- Package Title: xmlschema (2.5.1) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3110,6 +3184,8 @@ The name and trademarks of copyright holders may NOT be used in advertising or p -------------------------------------------------------------------------------- Package Title: xmltodict (0.13.0) + +Package Depth: Direct -------------------------------------------------------------------------------- * Declared Licenses * @@ -3128,6 +3204,8 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI -------------------------------------------------------------------------------- Package Title: zipp (3.15.0) + +Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * @@ -6327,4 +6405,4 @@ Public Domain -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-8-7 +Report Generated by FOSSA on 2024-8-14 diff --git a/pyproject.toml b/pyproject.toml index 8aec3c3b..9c2ab913 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.3.0" +version = "5.4.0-beta.1" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index 5fd0eeee..ef3c5d55 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.3.0" +__version__ = "5.4.0-beta.1" From c4f72fe915a18aabf65aebd4102c32e92bdee0fb Mon Sep 17 00:00:00 2001 From: dvarasani-crest <151819886+dvarasani-crest@users.noreply.github.com> Date: Thu, 22 Aug 2024 14:44:51 +0530 Subject: [PATCH 27/29] feat!: remove feature cim-field-report generation (#885) This PR removes the feature of generating cim-field-report. ref: [ADDON-73385](https://splunk.atlassian.net/browse/ADDON-73385) NOTE: - moved unit test file (test_report.py) of cim-compliance report generation test from test_tools folder to test_utilities --- pyproject.toml | 1 - pytest_splunk_addon/tools/cim_field_report.py | 558 ------------------ .../test_cim_report.py | 0 .../test_data/sample_cim_report.md | 0 .../tests_tools/__init__.py | 0 .../tests_tools/test_cim_field_report.py | 344 ----------- 6 files changed, 903 deletions(-) delete mode 100644 pytest_splunk_addon/tools/cim_field_report.py rename tests/unit/tests_standard_lib/{tests_tools => test_utilities}/test_cim_report.py (100%) rename tests/unit/tests_standard_lib/{tests_tools => test_utilities}/test_data/sample_cim_report.md (100%) delete mode 100644 tests/unit/tests_standard_lib/tests_tools/__init__.py delete mode 100644 tests/unit/tests_standard_lib/tests_tools/test_cim_field_report.py diff --git a/pyproject.toml b/pyproject.toml index 9c2ab913..3482828a 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -60,7 +60,6 @@ pytest11 = { plugin = "pytest_splunk_addon.plugin", "splunk" = "pytest_splunk_ad [tool.poetry.scripts] cim-report = 'pytest_splunk_addon.utilities.junit_parser:main' -cim-field-report = 'pytest_splunk_addon.tools.cim_field_report:main' sample_splitter = 'pytest_splunk_addon.utilities.sample_splitter:main' [build-system] diff --git a/pytest_splunk_addon/tools/cim_field_report.py b/pytest_splunk_addon/tools/cim_field_report.py deleted file mode 100644 index b5a55a35..00000000 --- a/pytest_splunk_addon/tools/cim_field_report.py +++ /dev/null @@ -1,558 +0,0 @@ -# -# Copyright 2024 Splunk Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -import os.path -import sys -import logging -import json -import argparse -import time -import traceback - -sys.path.insert(0, os.path.join(os.path.dirname(__file__), "..", "..")) - -from splunksplwrapper.manager.jobs import Jobs -from splunksplwrapper.splunk.cloud import CloudSplunk -from pytest_splunk_addon.addon_parser import AddonParser - -from splunklib import binding - -logging.basicConfig( - format="%(asctime)s.%(msecs)03d %(name)s %(levelname)s %(message)s", - datefmt="%Y-%m-%d %H:%M:%S", - level=logging.ERROR, -) - -LOGGER = logging.getLogger("cim-field-report") - - -def get_config(): - """Defines and collects and validates script command arguments - Additionally - set log level for script logging, - calls sys.exit if --splunk-app folder does not exist - - Returns - ------- - argparse.Namespace - the populated namespace. - """ - - parser = argparse.ArgumentParser( - description="Python Script to test Splunk functionality" - ) - - parser.add_argument( - "--splunk-index", - dest="splunk_index", - default="*", - type=str, - help="Splunk index to be used as a source for the report. Default is *", - ) - parser.add_argument( - "--splunk-web-scheme", - dest="splunk_web_scheme", - default="https", - type=str, - choices=["http", "https"], - help="Splunk connection schema https or http, default is https.", - ) - parser.add_argument( - "--splunk-host", - dest="splunk_host", - default="127.0.0.1", - type=str, - help="Address of the " - "Splunk REST API server host to connect. Default is 127.0.0.1", - ) - parser.add_argument( - "--splunk-port", - dest="splunk_port", - default="8089", - type=int, - help="Splunk Management port. default is 8089.", - ) - parser.add_argument( - "--splunk-user", - dest="splunk_user", - default="admin", - type=str, - help="Splunk login user. The user should have search capabilities.", - ) - parser.add_argument( - "--splunk-password", - dest="splunk_password", - type=str, - required=True, - help="Password of the Splunk user", - ) - parser.add_argument( - "--splunk-app", - dest="splunk_app", - type=str, - required=True, - help="Path to Splunk app package. The package " - "should have the configuration files in the default folder.", - ) - parser.add_argument( - "--splunk-report-file", - dest="splunk_report_file", - default="cim_field_report.json", - type=str, - help="Output file for cim field report. Default is: cim_field_report.json", - ) - parser.add_argument( - "--splunk-max-time", - dest="splunk_max_time", - default="120", - type=int, - help="Search query execution time out in seconds. Default is: 120", - ) - parser.add_argument( - "--log-level", - dest="log_level", - default="ERROR", - type=str, - choices=["CRITICAL", "ERROR", "WARNING", "INFO", "DEBUG"], - help="Logging level used by the tool", - ) - - args = parser.parse_args() - LOGGER.setLevel(args.log_level) - - if not os.path.exists(args.splunk_app) or not os.path.isdir(args.splunk_app): - msg = "There is no such directory: {}".format(args.splunk_app) - LOGGER.error(msg) - sys.exit(msg) - - return args - - -def collect_job_results(job, acc, fn): - """Collects all job results by requesting pages of 1000 items - - Parameters - ---------- - job : splunksplwrapper.manager.jobs.job - Finished job ready to collect results - acc : any - An accumulator object that collects job results - fn : function - External function that receives accumulator object and job results one by one. - This function controls how results are transformed and accumulated - - Returns - ------- - any - The accumulator object passes as argument acc - """ - - offset, count = 0, 1000 - while True: - records = job.get_results(offset=offset, count=count).as_list - LOGGER.debug( - f"Read fields: offset: {offset}, count: {count}, found: {len(records)}" - ) - fn(acc, records) - offset += count - if len(records) < count: - break - - return acc - - -def collect_punct_and_eventtype(data, records): - """Accumulator function to be used with collect_job_results. - - Accumulates punct and eventtype values, used in get_punct_by_eventtype - - Parameters - ---------- - data : [set(), {}] - Accumulator object to be updated (see collect_job_results acc argument) - records : list - SPL job result entries (result of job.get_results(...).as_list) - """ - - for record in records: - eventtype = record["eventtype"] - punct = record["punct"] - if isinstance(eventtype, list): - for entry in eventtype: - new_val = (entry, punct) - if new_val not in data: - data.append(new_val) - else: - new_val = (eventtype, punct) - if new_val not in data: - data.append(new_val) - - -def get_punct_by_eventtype(jobs, eventtypes, config): - """Runs SPL request to collect all unique eventtype+punct pairs from splunk instance - - Parameters - ---------- - jobs : splunksplwrapper.manager.jobs.Jobs - Jobs object capable to create a new splunk search job - eventtypes : list - List of splunk eventtypes names taken from TA configurations - config : dict - configuration settings mainly collected from command arguments - - Returns - ------- - list - list of tuples of 2 elements, representing collected unique pairs of eventtype+punct - None - if exception taks places during splunk search request - """ - - start = time.time() - eventtypes_str = ",".join(['"{}"'.format(et) for et in eventtypes]) - query = 'search (index="{}") eventtype IN ({}) | dedup punct,eventtype | table punct,eventtype'.format( - config.splunk_index, eventtypes_str - ) - LOGGER.debug(query) - try: - job = jobs.create(query, auto_finalize_ec=120, max_time=config.splunk_max_time) - job.wait(config.splunk_max_time) - result = collect_job_results(job, [], collect_punct_and_eventtype) - LOGGER.info( - "Time taken to collect eventtype & punct combinations: {} s".format( - time.time() - start - ) - ) - return result - except Exception as e: - LOGGER.error("Errors when executing search!!! Error: {}".format(e)) - LOGGER.debug(traceback.format_exc()) - - -def get_field_names(jobs, eventtypes, config): - """Runs SPL request to collect all field names from events with specific eventtypes - - Parameters - ---------- - jobs : splunksplwrapper.manager.jobs.Jobs - Jobs object capable to create a new splunk search job - eventtypes : list - List of splunk eventtypes names taken from TA configurations - config : dict - configuration settings mainly collected from command arguments - - Returns - ------- - list - collected field names - None - if exception taks places during splunk search request - """ - - start = time.time() - eventtypes_str = ",".join(['"{}"'.format(et) for et in eventtypes]) - query = 'search (index="{}") eventtype IN ({}) | fieldsummary'.format( - config.splunk_index, eventtypes_str - ) - LOGGER.debug(query) - try: - job = jobs.create(query, auto_finalize_ec=120, max_time=config.splunk_max_time) - job.wait(config.splunk_max_time) - result = collect_job_results( - job, [], lambda acc, recs: acc.extend([v["field"] for v in recs]) - ) - LOGGER.info( - "Time taken to collect field names: {} s".format(time.time() - start) - ) - return result - except Exception as e: - LOGGER.error("Errors when executing search!!! Error: {}".format(e)) - LOGGER.debug(traceback.format_exc()) - - -def update_summary(data, records): - """Accumulator function to be used with collect_job_results. - - Parameters - ---------- - data : [set(), {}] - Accumulator object to be updated (see collect_job_results acc argument) - records : list - SPL job result entries (result of job.get_results(...).as_list) - """ - - sourcetypes, summary = data - for entry in records: - if "sourcetype" in entry: - sourcetypes.add(entry.pop("sourcetype")) - - field_set = frozenset(entry.keys()) - if field_set in summary: - summary[field_set] += 1 - else: - summary[field_set] = 1 - - -def get_fieldsummary(jobs, punct_by_eventtype, config): - """Runs SPL request to extract events for specific punct+eventtype values combinations. - Builds fieldsummary information for each collected event group - - Parameters - ---------- - jobs : splunksplwrapper.manager.jobs.Jobs - Jobs object capable to create a new splunk search job - punct_by_eventtype : list - List of tuples of 2 elements, representing collected unique pairs of eventtype+punct - config : dict - configuration settings mainly collected from command arguments - - Returns - ------- - dict - dict key - eventtype, dict value - a list of fields summaries per punct - """ - start = time.time() - - result = {} - for eventtype, punct in punct_by_eventtype: - result[eventtype] = [] - query_templ = 'search (index="{}") eventtype="{}" punct="{}" | fieldsummary' - query = query_templ.format( - config.splunk_index, - eventtype, - punct.replace("\\", "\\\\").replace('"', '\\"'), - ) - LOGGER.debug(query) - try: - job = jobs.create( - query, auto_finalize_ec=120, max_time=config.splunk_max_time - ) - job.wait(config.splunk_max_time) - summary = collect_job_results(job, [], lambda acc, recs: acc.extend(recs)) - except Exception as e: - LOGGER.error("Errors executing search: {}".format(e)) - LOGGER.debug(traceback.format_exc()) - - try: - for f in summary: - f["values"] = json.loads(f["values"]) - result[eventtype].append(summary) - except Exception as e: - LOGGER.warn('Parameter "values" is not a json object: {}'.format(e)) - LOGGER.debug(traceback.format_exc()) - - LOGGER.info("Time taken to build fieldsummary: {}".format(time.time() - start)) - return result - - -def get_fieldsreport(jobs, eventtypes, fields, config): - """Runs SPL requests to prepare unique lists of extracted fields for each eventtype - - Parameters - ---------- - jobs : splunksplwrapper.manager.jobs.Jobs - Jobs object capable to create a new splunk search job - eventtypes : list - List of splunk eventtypes names taken from TA configurations - fields : list - List of expected field names - config : dict - configuration settings mainly collected from command arguments - - Returns - ------- - (dict, set) - Returns 2 values - extracted field lists per eventtype and set of unique sourcetypes collected in SPL requests - """ - - start = time.time() - report, sourcetypes = {}, set() - field_list = ",".join(['"{}"'.format(f) for f in fields]) - for eventtype, tags in eventtypes.items(): - query = 'search (index="{}") eventtype="{}" | table sourcetype,{}'.format( - config.splunk_index, eventtype, field_list - ) - try: - job = jobs.create( - query, auto_finalize_ec=120, max_time=config.splunk_max_time - ) - job.wait(config.splunk_max_time) - et_sourcetypes, et_summary = collect_job_results( - job, [set(), {}], update_summary - ) - sourcetypes = sourcetypes.union(et_sourcetypes) - report[eventtype] = { - "tags": tags, - "sourcetypes": list(et_sourcetypes), - "summary": [ - {"fields": sorted(list(k)), "count": v} - for k, v in et_summary.items() - ], - } - except Exception as e: - LOGGER.error("Errors when executing search!!! Error: {}".format(e)) - LOGGER.debug(traceback.format_exc()) - - LOGGER.info( - "Time taken to build fields extractions section: {} s".format( - time.time() - start - ) - ) - return report, sourcetypes - - -def read_ta_meta(config): - """Extracts TA's name and version from TA app.manifest file - - Parameters - ---------- - config : dict - configuration settings mainly collected from command arguments, - required to locate TA configuration files - - Returns - ------- - dict - { - "name": "", - "version": "" - } - """ - - app_manifest = os.path.join(config.splunk_app, "app.manifest") - with open(app_manifest) as f: - manifest = json.load(f) - - ta_id_info = manifest.get("info", {}).get("id", {}) - return {k: v for k, v in ta_id_info.items() if k in ["name", "version"]} - - -def build_report(jobs, eventtypes, config): - """Puts together all report sections (ta_name (meta), sourcetypes, - fieldsreport, fieldsummary), saves report to file - - Parameters - ---------- - jobs : splunksplwrapper.manager.jobs.Jobs - Jobs object capable to create a new splunk search job - eventtypes : list - List of splunk eventtypes names taken from TA configurations - config : dict - configuration settings mainly collected from command arguments - """ - - start = time.time() - - fields = get_field_names(jobs, eventtypes, config) - if fields: - fieldsreport, sourcetypes = get_fieldsreport(jobs, eventtypes, fields, config) - else: - fieldsreport, sourcetypes = "No field extractions discovered", [] - - punct_by_eventtype = get_punct_by_eventtype(jobs, eventtypes, config) - if punct_by_eventtype: - fieldsummary = get_fieldsummary(jobs, punct_by_eventtype, config) - else: - fieldsummary = "No punct by eventtype combinations discovered" - - summary = { - "ta_name": read_ta_meta(config), - "sourcetypes": list(sourcetypes), - "fieldsreport": fieldsreport, - "fieldsummary": fieldsummary, - } - - with open(config.splunk_report_file, "w") as f: - json.dump(summary, f, indent=4) - - LOGGER.info("Total time taken to generate report: {} s".format(time.time() - start)) - - -def get_addon_eventtypes(addon_path): - """Extracts TA specific eventtypes from the TA's conf files - - Parameters - ---------- - addon_path : str - path to TA package folder - - Returns - ------- - list - Eventtypes defined in the TA conf - """ - - parser = AddonParser(addon_path) - - eventtypes = { - eventtype["stanza"]: [] - for eventtype in parser.eventtype_parser.get_eventtypes() - } - - for item in parser.tags_parser.get_tags(): - stanza, tag, enabled = item["stanza"], item["tag"], item["enabled"] - parts = [s.strip().strip('"') for s in stanza.split("=", 1)] - if len(parts) > 1 and parts[0] == "eventtype": - eventtype = parts[1] - if enabled and eventtype in eventtypes and tag not in eventtypes[eventtype]: - eventtypes[eventtype].append(tag) - - LOGGER.debug(eventtypes) - return eventtypes - - -def main(): - """Main script method and entry point""" - - config = get_config() - - splunk_cfg = { - "splunkd_scheme": config.splunk_web_scheme, - "splunkd_host": config.splunk_host, - "splunkd_port": config.splunk_port, - "username": config.splunk_user, - "password": config.splunk_password, - } - - try: - eventtypes = get_addon_eventtypes(config.splunk_app) - - cloud_splunk = CloudSplunk(**splunk_cfg) - conn = cloud_splunk.create_logged_in_connector() - jobs = Jobs(conn) - - build_report(jobs, eventtypes, config) - - except (TimeoutError, ConnectionRefusedError) as error: - msg = "Failed to connect Splunk instance {}://{}:{}, make sure you provided correct connection information. {}".format( - config.splunk_web_scheme, config.splunk_host, config.splunk_port, error - ) - LOGGER.error(msg) - sys.exit(msg) - except binding.AuthenticationError as error: - msg = "Authentication to Splunk instance has failed, make sure you provided correct Splunk credentials. {}".format( - error - ) - LOGGER.error(msg) - sys.exit(msg) - except Exception as error: - msg = "Unexpected exception: {}".format(error) - LOGGER.error(msg) - LOGGER.debug(traceback.format_exc()) - sys.exit(msg) - - -if __name__ == "__main__": - main() diff --git a/tests/unit/tests_standard_lib/tests_tools/test_cim_report.py b/tests/unit/tests_standard_lib/test_utilities/test_cim_report.py similarity index 100% rename from tests/unit/tests_standard_lib/tests_tools/test_cim_report.py rename to tests/unit/tests_standard_lib/test_utilities/test_cim_report.py diff --git a/tests/unit/tests_standard_lib/tests_tools/test_data/sample_cim_report.md b/tests/unit/tests_standard_lib/test_utilities/test_data/sample_cim_report.md similarity index 100% rename from tests/unit/tests_standard_lib/tests_tools/test_data/sample_cim_report.md rename to tests/unit/tests_standard_lib/test_utilities/test_data/sample_cim_report.md diff --git a/tests/unit/tests_standard_lib/tests_tools/__init__.py b/tests/unit/tests_standard_lib/tests_tools/__init__.py deleted file mode 100644 index e69de29b..00000000 diff --git a/tests/unit/tests_standard_lib/tests_tools/test_cim_field_report.py b/tests/unit/tests_standard_lib/tests_tools/test_cim_field_report.py deleted file mode 100644 index e3c50b63..00000000 --- a/tests/unit/tests_standard_lib/tests_tools/test_cim_field_report.py +++ /dev/null @@ -1,344 +0,0 @@ -import pytest -from pytest_splunk_addon.tools import cim_field_report - - -@pytest.mark.parametrize( - "data, records, expected", - [ - ( - [], - [ - { - "punct": '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - "eventtype": "citrix_netscaler_ipfix_lb", - }, - { - "punct": '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - "eventtype": [ - "citrix_netscaler_ipfix_Web", - "citrix_netscaler_ipfix_lb", - "citrix_netscaler_ipfix_lb_web", - ], - }, - { - "punct": '="",="",="/",="",="",="",="",="",="",="",="--",=""', - "eventtype": [ - "citrix_netscaler_nitro_stat_lb", - "citrix_netscaler_nitro_stat_service", - ], - }, - { - "punct": '="",="",="",="",="",="",="",="",="",="",="",="",="', - "eventtype": "citrix_netscaler_nitro_stat_protocolip", - }, - ], - [ - ( - "citrix_netscaler_ipfix_lb", - '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - ), - ( - "citrix_netscaler_ipfix_Web", - '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - ), - ( - "citrix_netscaler_ipfix_lb_web", - '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - ), - ( - "citrix_netscaler_nitro_stat_lb", - '="",="",="/",="",="",="",="",="",="",="",="--",=""', - ), - ( - "citrix_netscaler_nitro_stat_service", - '="",="",="/",="",="",="",="",="",="",="",="--",=""', - ), - ( - "citrix_netscaler_nitro_stat_protocolip", - '="",="",="",="",="",="",="",="",="",="",="",="",="', - ), - ], - ) - ], -) -def test_collect_punct_and_eventtype(data, records, expected): - cim_field_report.collect_punct_and_eventtype(data, records) - assert expected == data - - -@pytest.mark.parametrize( - "data, records, expected", - [ - ( - (set(), {}), - [ - { - "sourcetype": "citrix:netscaler:ipfix", - "bytes_in": "57016", - "dest": "174.145.122.167", - "dest_ip": "174.145.122.167", - "dest_port": "39888", - "destinationIPv4Address": "174.145.122.167", - "destinationTransportPort": "39888", - "duration": "3346795.701375083", - "eventtype": [ - "citrix_netscaler_ipfix_Web", - "citrix_netscaler_ipfix_lb", - "citrix_netscaler_ipfix_lb_web", - ], - "flowEndMicroseconds": "8171933464.406442", - "flowStartMicroseconds": "4825137763.031359", - "host": "itgdi_citrix_netscaler_ipfix_unknown.samples_11", - "http_content_type": "text/html; charset=utf-8", - "index": "main", - "ipVersion": "4", - "linecount": "1", - "netscalerHttpContentType": "text/html; charset=utf-8", - "netscalerHttpRspLen": "57016", - "netscalerHttpRspStatus": "403", - "protocol_version": "4", - "punct": '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - "response_code": "403", - "source": "itgdi_citrix_netscaler_ipfix_unknown.samples", - "sourceIPv4Address": "120.109.26.123", - "sourceTransportPort": "504118", - "splunk_server": "splunk", - "src": "120.109.26.123", - "src_ip": "120.109.26.123", - "src_port": "504118", - "status": "403", - "tag": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "tag::eventtype": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "vendor": "Citrix Systems", - "vendor_product": "Citrix ADC", - }, - { - "sourcetype": "citrix:netscaler:ipfix", - "bytes_in": "23508", - "dest": "163.17.99.238", - "dest_ip": "163.17.99.238", - "dest_port": "49983", - "destinationIPv4Address": "163.17.99.238", - "destinationTransportPort": "49983", - "duration": "1188715.359898319", - "eventtype": [ - "citrix_netscaler_ipfix_Web", - "citrix_netscaler_ipfix_lb", - "citrix_netscaler_ipfix_lb_web", - ], - "flowEndMicroseconds": "8589329539.304007", - "flowStartMicroseconds": "7400614179.405687", - "host": "itgdi_citrix_netscaler_ipfix_unknown.samples_10", - "http_content_type": "image/png", - "index": "main", - "ipVersion": "4", - "linecount": "1", - "netscalerHttpContentType": "image/png", - "netscalerHttpRspLen": "23508", - "netscalerHttpRspStatus": "200", - "protocol_version": "4", - "punct": '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - "response_code": "200", - "source": "itgdi_citrix_netscaler_ipfix_unknown.samples", - "sourceIPv4Address": "115.79.46.87", - "sourceTransportPort": "992044", - "splunk_server": "splunk", - "src": "115.79.46.87", - "src_ip": "115.79.46.87", - "src_port": "992044", - "status": "200", - "tag": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "tag::eventtype": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "vendor": "Citrix Systems", - "vendor_product": "Citrix ADC", - }, - { - "sourcetype": "citrix:netscaler:ipfix", - "client_type": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36", - "dest": "199.33.23.11", - "dest_ip": "199.33.23.11", - "dest_port": "7234", - "destinationIPv4Address": "199.33.23.11", - "destinationTransportPort": "7234", - "duration": "-5248395.997224312", - "eventtype": [ - "citrix_netscaler_ipfix_Web", - "citrix_netscaler_ipfix_lb", - "citrix_netscaler_ipfix_lb_web", - ], - "flowEndMicroseconds": "2443005355.4003525", - "flowStartMicroseconds": "7691401352.624664", - "host": "itgdi_citrix_netscaler_ipfix_unknown.samples_9", - "http_content_type": "text/html; charset=UTF-8", - "http_method": "GET", - "http_referrer": "https://aaaaa/bbbbb/ccccc", - "http_user_agent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36", - "http_user_agent_length": "109", - "index": "main", - "ipVersion": "4", - "linecount": "1", - "netscalerAaaUsername": "anonymous", - "netscalerHttpContentType": "text/html; charset=UTF-8", - "netscalerHttpReqMethod": "GET", - "netscalerHttpReqReferer": "https://aaaaa/bbbbb/ccccc", - "netscalerHttpReqUrl": "aaaaa/bbbbb/ccccc", - "netscalerHttpReqUserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36", - "protocol_version": "4", - "punct": '="";_="";_="";_="";_="";_="";_="";_="";_="";_="...', - "source": "itgdi_citrix_netscaler_ipfix_unknown.samples", - "sourceIPv4Address": "126.200.174.140", - "sourceTransportPort": "615762", - "splunk_server": "splunk", - "src": "126.200.174.140", - "src_ip": "126.200.174.140", - "src_port": "615762", - "tag": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "tag::eventtype": [ - "inventory", - "loadbalancer", - "loadbalancer_web", - "network", - "performance", - "web", - ], - "url": "aaaaa/bbbbb/ccccc", - "url_length": "17", - "user": "anonymous", - "vendor": "Citrix Systems", - "vendor_product": "Citrix ADC", - }, - ], - ( - {"citrix:netscaler:ipfix"}, - { - frozenset( - { - "dest_ip", - "linecount", - "netscalerHttpRspLen", - "src_ip", - "flowStartMicroseconds", - "dest", - "host", - "destinationTransportPort", - "tag", - "sourceIPv4Address", - "protocol_version", - "status", - "duration", - "vendor", - "flowEndMicroseconds", - "ipVersion", - "src", - "sourceTransportPort", - "destinationIPv4Address", - "bytes_in", - "source", - "splunk_server", - "tag::eventtype", - "vendor_product", - "dest_port", - "netscalerHttpRspStatus", - "index", - "response_code", - "punct", - "http_content_type", - "src_port", - "eventtype", - "netscalerHttpContentType", - } - ): 2, - frozenset( - { - "dest_ip", - "linecount", - "src_ip", - "netscalerHttpReqUrl", - "netscalerHttpReqUserAgent", - "netscalerAaaUsername", - "url", - "http_method", - "flowStartMicroseconds", - "dest", - "host", - "url_length", - "destinationTransportPort", - "tag", - "http_referrer", - "sourceIPv4Address", - "protocol_version", - "duration", - "vendor", - "http_user_agent", - "flowEndMicroseconds", - "ipVersion", - "src", - "sourceTransportPort", - "destinationIPv4Address", - "source", - "tag::eventtype", - "splunk_server", - "vendor_product", - "dest_port", - "client_type", - "index", - "http_user_agent_length", - "user", - "punct", - "http_content_type", - "netscalerHttpReqMethod", - "src_port", - "eventtype", - "netscalerHttpReqReferer", - "netscalerHttpContentType", - } - ): 1, - }, - ), - ) - ], -) -def test_update_summary(data, records, expected): - cim_field_report.update_summary(data, records) - real_sourcetypes, real_summary = data - expected_sourcetypes, expected_summary = expected - - assert real_sourcetypes == expected_sourcetypes - for k, v in expected_summary.items(): - assert real_summary.get(k) - assert real_summary[k] == v From 19f396724846c424a087e2b3f45cda392c9aaedf Mon Sep 17 00:00:00 2001 From: kdoroszko-splunk Date: Wed, 28 Aug 2024 12:45:44 +0200 Subject: [PATCH 28/29] fix: remove-pytest_exception_interact hook (#881) This PR reverts partially changes introduced in this PR: https://github.com/splunk/pytest-splunk-addon/commit/7cc8880926113b2c0ce255b8793be1788fa52da0#diff-2699a131e5dfd55b20327a39ec213c806ee847e17b6666faf0a01fe850448f47L558 This change is necessary, since exiting pytest while getting `Exception` disturbed other tests (fr example UI test https://splunk.atlassian.net/browse/ADDON-72764). Instead of that HEC token is validated by ingesting simple event with it (implemented in this PR: https://github.com/splunk/pytest-splunk-addon/pull/877). --- .github/workflows/build-test-release.yml | 2 +- pytest_splunk_addon/plugin.py | 14 -------------- pytest_splunk_addon/splunk.py | 5 +++-- tests/e2e/test_splunk_addon.py | 11 +++++++---- 4 files changed, 11 insertions(+), 21 deletions(-) diff --git a/.github/workflows/build-test-release.yml b/.github/workflows/build-test-release.yml index 7dcd4280..0e372de3 100644 --- a/.github/workflows/build-test-release.yml +++ b/.github/workflows/build-test-release.yml @@ -129,6 +129,7 @@ jobs: path: | test-results-${{ matrix.splunk.version }} + test-splunk-matrix: needs: - meta @@ -149,7 +150,6 @@ jobs: "splunk_app_cim_broken", "splunk_fiction_indextime", "splunk_fiction_indextime_broken", - "splunk_fiction_indextime_wrong_hec_token", "splunk_setup_fixture", "splunk_app_req", "splunk_app_req_broken", diff --git a/pytest_splunk_addon/plugin.py b/pytest_splunk_addon/plugin.py index 5b136c27..3926774d 100644 --- a/pytest_splunk_addon/plugin.py +++ b/pytest_splunk_addon/plugin.py @@ -26,8 +26,6 @@ test_generator = None -EXC_MAP = [Exception] - def pytest_configure(config): """ @@ -122,7 +120,6 @@ def pytest_sessionstart(session): SampleXdistGenerator.tokenized_event_source = session.config.getoption( "tokenized_event_source" ).lower() - session.__exc_limits = EXC_MAP if ( SampleXdistGenerator.tokenized_event_source == "store_new" and session.config.getoption("ingest_events").lower() @@ -212,14 +209,3 @@ def init_pytest_splunk_addon_logger(): init_pytest_splunk_addon_logger() LOGGER = logging.getLogger("pytest-splunk-addon") - - -def pytest_exception_interact(node, call, report): - """ - Hook called when an exception is raised during a test. - If the number of occurrences for a specific exception exceeds the limit in session.__exc_limits, pytest exits - https://docs.pytest.org/en/stable/reference/reference.html#pytest.hookspec.pytest_exception_interact - """ - if call.excinfo.type in node.session.__exc_limits: - # pytest exits only for exceptions defined in EXC_MAP - pytest.exit(f"Exiting pytest due to: {call.excinfo.type}") diff --git a/pytest_splunk_addon/splunk.py b/pytest_splunk_addon/splunk.py index 1e77ad0e..d81c03d3 100644 --- a/pytest_splunk_addon/splunk.py +++ b/pytest_splunk_addon/splunk.py @@ -979,7 +979,7 @@ def is_responsive_hec(request, splunk): f'{request.config.getoption("splunk_hec_scheme")}://{splunk["forwarder_host"]}:{splunk["port_hec"]}/services/collector/health/1.0', verify=False, ) - LOGGER.debug("Status code: {}".format(response.status_code)) + LOGGER.debug("Status code: %d", response.status_code) if response.status_code in (200, 201): LOGGER.info("Splunk HEC is responsive.") return True @@ -1040,7 +1040,8 @@ def is_valid_hec(request, splunk): data={"event": "test_hec", "sourcetype": "hec_token_test"}, verify=False, ) - LOGGER.debug("Status code: {}".format(response.status_code)) + LOGGER.debug("Status code: %d", response.status_code) + if response.status_code == 200: LOGGER.info("Splunk HEC is valid.") else: diff --git a/tests/e2e/test_splunk_addon.py b/tests/e2e/test_splunk_addon.py index a9582041..006e329f 100644 --- a/tests/e2e/test_splunk_addon.py +++ b/tests/e2e/test_splunk_addon.py @@ -169,8 +169,8 @@ def empty_method(): assert result.ret == 0 -@pytest.mark.docker @pytest.mark.splunk_fiction_indextime_wrong_hec_token +@pytest.mark.external def test_splunk_fiction_indextime_wrong_hec_token(testdir, request): """Make sure that pytest accepts our fixture.""" @@ -205,7 +205,11 @@ def empty_method(): # run pytest with the following cmd args result = testdir.runpytest( f"--splunk-version={request.config.getoption('splunk_version')}", - "--splunk-type=docker", + "--splunk-type=external", + "--splunk-host=splunk", + "--splunk-port=8089", + "--splunk-forwarder-host=splunk", + "--splunk-hec-token=8b741d03-43e9-4164-908b-e09102327d22", "-v", "--search-interval=0", "--search-retry=0", @@ -213,9 +217,8 @@ def empty_method(): "--search-index=*,_internal", ) - result.assert_outcomes(errors=1, passed=0, failed=0, xfailed=0) result.stdout.fnmatch_lines( - "!!!!!! _pytest.outcomes.Exit: Exiting pytest due to: !!!!!!!" + "*_pytest.outcomes.Exit: Exiting pytest due to invalid HEC token value." ) assert result.ret != 0 From 9c2012ddc2211b5c7c3fafdcdeb86b2a992d04ae Mon Sep 17 00:00:00 2001 From: srv-rr-github-token <94607705+srv-rr-github-token@users.noreply.github.com> Date: Wed, 28 Aug 2024 11:13:16 +0000 Subject: [PATCH 29/29] chore(release): 5.4.0-beta.2 # [5.4.0-beta.2](https://github.com/splunk/pytest-splunk-addon/compare/v5.4.0-beta.1...v5.4.0-beta.2) (2024-08-28) ### Bug Fixes * remove-pytest_exception_interact hook ([#881](https://github.com/splunk/pytest-splunk-addon/issues/881)) ([19f3967](https://github.com/splunk/pytest-splunk-addon/commit/19f396724846c424a087e2b3f45cda392c9aaedf)), closes [/github.com/splunk/pytest-splunk-addon/commit/7cc8880926113b2c0ce255b8793be1788fa52da0#diff-2699a131e5dfd55b20327a39ec213c806ee847e17b6666faf0a01fe850448f47L558](https://github.com//github.com/splunk/pytest-splunk-addon/commit/7cc8880926113b2c0ce255b8793be1788fa52da0/issues/diff-2699a131e5dfd55b20327a39ec213c806ee847e17b6666faf0a01fe850448f47L558) --- NOTICE | 96 ++++++++++++++++----------------- pyproject.toml | 2 +- pytest_splunk_addon/__init__.py | 2 +- 3 files changed, 50 insertions(+), 50 deletions(-) diff --git a/NOTICE b/NOTICE index 3ba44af0..67641e1b 100644 --- a/NOTICE +++ b/NOTICE @@ -7,9 +7,9 @@ The following 3rd-party software packages may be used by or distributed with pytest-splunk-addon. Any information relevant to third-party vendors listed below are collected using common, reasonable means. -Date generated: 2024-8-14 +Date generated: 2024-8-28 -Revision ID: c8510f34eaf0c68fb99423dcbb71df64628937c9 +Revision ID: 19f396724846c424a087e2b3f45cda392c9aaedf ================================================================================ ================================================================================ @@ -1794,7 +1794,20 @@ Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * -MIT, PSF-2.0 +PSF-2.0, MIT + +* PSF-2.0 * + +PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 + + 1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. + 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. + 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. * MIT * @@ -1875,19 +1888,6 @@ agrees to be bound by the terms and conditions of this License Agreement. -* PSF-2.0 * - -PYTHON SOFTWARE FOUNDATION LICENSE VERSION 2 - - 1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. - 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. - 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. - 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. - 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. - 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. - 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. - 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. - -------------------------------------------------------------------------------- Package Title: pluggy (1.2.0) @@ -2758,37 +2758,7 @@ Package Depth: Transitive -------------------------------------------------------------------------------- * Declared Licenses * -Python-2.0, 0BSD - -* Python-2.0 * - -1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. - 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. - 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. - 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. - 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. - 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. - 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. - 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. - 1. This LICENSE AGREEMENT is between BeOpen.com ("BeOpen"), having an office at 160 Saratoga Avenue, Santa Clara, CA 95051, and the Individual or Organization ("Licensee") accessing and otherwise using this software in source or binary form and its associated documentation ("the Software"). - 2. Subject to the terms and conditions of this BeOpen Python License Agreement, BeOpen hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use the Software alone or in any derivative version, provided, however, that the BeOpen Python License is retained in the Software, alone or in any derivative version prepared by Licensee. - 3. BeOpen is making the Software available to Licensee on an "AS IS" basis. BEOPEN MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, BEOPEN MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. - 4. BEOPEN SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THE SOFTWARE, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. - 5. This License Agreement will automatically terminate upon a material breach of its terms and conditions. - 6. This License Agreement shall be governed by and interpreted in all respects by the law of the State of California, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between BeOpen and Licensee. This License Agreement does not grant permission to use BeOpen trademarks or trade names in a trademark sense to endorse or promote products or services of Licensee, or any third party. As an exception, the "BeOpen Python" logos available at http://www.pythonlabs.com/logos.html may be used according to the permissions granted on that web page. - 7. By copying, installing or otherwise using the software, Licensee agrees to be bound by the terms and conditions of this License Agreement. - 1. This LICENSE AGREEMENT is between the Corporation for National Research Initiatives, having an office at 1895 Preston White Drive, Reston, VA 20191 ("CNRI"), and the Individual or Organization ("Licensee") accessing and otherwise using Python 1.6, beta 1 software in source or binary form and its associated documentation, as released at the www.python.org Internet site on August 4, 2000 ("Python 1.6b1"). - 2. Subject to the terms and conditions of this License Agreement, CNRI hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python 1.6b1 alone or in any derivative version, provided, however, that CNRIs License Agreement is retained in Python 1.6b1, alone or in any derivative version prepared by Licensee. - Alternately, in lieu of CNRIs License Agreement, Licensee may substitute the following text (omitting the quotes): "Python 1.6, beta 1, is made available subject to the terms and conditions in CNRIs License Agreement. This Agreement may be located on the Internet using the following unique, persistent identifier (known as a handle): 1895.22/1011. This Agreement may also be obtained from a proxy server on the Internet using the URL:http://hdl.handle.net/1895.22/1011". - 3. In the event Licensee prepares a derivative work that is based on or incorporates Python 1.6b1 or any part thereof, and wants to make the derivative work available to the public as provided herein, then Licensee hereby agrees to indicate in any such work the nature of the modifications made to Python 1.6b1. - 4. CNRI is making Python 1.6b1 available to Licensee on an "AS IS" basis. CNRI MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, CNRI MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON 1.6b1 WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. - 5. CNRI SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING PYTHON 1.6b1, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. - 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. - 7. This License Agreement shall be governed by and interpreted in all respects by the law of the State of Virginia, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between CNRI and Licensee. This License Agreement does not grant permission to use CNRI trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. - 8. By clicking on the "ACCEPT" button where indicated, or by copying, installing or otherwise using Python 1.6b1, Licensee agrees to be bound by the terms and conditions of this License Agreement. -Copyright (c) 1991 - 1995, Stichting Mathematisch Centrum Amsterdam, The Netherlands. All rights reserved. -Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Stichting Mathematisch Centrum or CWI not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. -STICHTING MATHEMATISCH CENTRUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL STICHTING MATHEMATISCH CENTRUM BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +0BSD, Python-2.0 * 0BSD * @@ -3073,6 +3043,36 @@ OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +* Python-2.0 * + +1. This LICENSE AGREEMENT is between the Python Software Foundation ("PSF"), and the Individual or Organization ("Licensee") accessing and otherwise using this software ("Python") in source or binary form and its associated documentation. + 2. Subject to the terms and conditions of this License Agreement, PSF hereby grants Licensee a nonexclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python alone or in any derivative version, provided, however, that PSF's License Agreement and PSF's notice of copyright, i.e., "Copyright (c) 2001, 2002, 2003, 2004, 2005, 2006 Python Software Foundation; All Rights Reserved" are retained in Python alone or in any derivative version prepared by Licensee. + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python or any part thereof, and wants to make the derivative work available to others as provided herein, then Licensee hereby agrees to include in any such work a brief summary of the changes made to Python. + 4. PSF is making Python available to Licensee on an "AS IS" basis. PSF MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, PSF MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. PSF SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF PYTHON FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF MODIFYING, DISTRIBUTING, OR OTHERWISE USING PYTHON, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between PSF and Licensee. This License Agreement does not grant permission to use PSF trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By copying, installing or otherwise using Python, Licensee agrees to be bound by the terms and conditions of this License Agreement. + 1. This LICENSE AGREEMENT is between BeOpen.com ("BeOpen"), having an office at 160 Saratoga Avenue, Santa Clara, CA 95051, and the Individual or Organization ("Licensee") accessing and otherwise using this software in source or binary form and its associated documentation ("the Software"). + 2. Subject to the terms and conditions of this BeOpen Python License Agreement, BeOpen hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use the Software alone or in any derivative version, provided, however, that the BeOpen Python License is retained in the Software, alone or in any derivative version prepared by Licensee. + 3. BeOpen is making the Software available to Licensee on an "AS IS" basis. BEOPEN MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, BEOPEN MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF THE SOFTWARE WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 4. BEOPEN SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING THE SOFTWARE, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 5. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 6. This License Agreement shall be governed by and interpreted in all respects by the law of the State of California, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between BeOpen and Licensee. This License Agreement does not grant permission to use BeOpen trademarks or trade names in a trademark sense to endorse or promote products or services of Licensee, or any third party. As an exception, the "BeOpen Python" logos available at http://www.pythonlabs.com/logos.html may be used according to the permissions granted on that web page. + 7. By copying, installing or otherwise using the software, Licensee agrees to be bound by the terms and conditions of this License Agreement. + 1. This LICENSE AGREEMENT is between the Corporation for National Research Initiatives, having an office at 1895 Preston White Drive, Reston, VA 20191 ("CNRI"), and the Individual or Organization ("Licensee") accessing and otherwise using Python 1.6, beta 1 software in source or binary form and its associated documentation, as released at the www.python.org Internet site on August 4, 2000 ("Python 1.6b1"). + 2. Subject to the terms and conditions of this License Agreement, CNRI hereby grants Licensee a non-exclusive, royalty-free, world-wide license to reproduce, analyze, test, perform and/or display publicly, prepare derivative works, distribute, and otherwise use Python 1.6b1 alone or in any derivative version, provided, however, that CNRIs License Agreement is retained in Python 1.6b1, alone or in any derivative version prepared by Licensee. + Alternately, in lieu of CNRIs License Agreement, Licensee may substitute the following text (omitting the quotes): "Python 1.6, beta 1, is made available subject to the terms and conditions in CNRIs License Agreement. This Agreement may be located on the Internet using the following unique, persistent identifier (known as a handle): 1895.22/1011. This Agreement may also be obtained from a proxy server on the Internet using the URL:http://hdl.handle.net/1895.22/1011". + 3. In the event Licensee prepares a derivative work that is based on or incorporates Python 1.6b1 or any part thereof, and wants to make the derivative work available to the public as provided herein, then Licensee hereby agrees to indicate in any such work the nature of the modifications made to Python 1.6b1. + 4. CNRI is making Python 1.6b1 available to Licensee on an "AS IS" basis. CNRI MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED. BY WAY OF EXAMPLE, BUT NOT LIMITATION, CNRI MAKES NO AND DISCLAIMS ANY REPRESENTATION OR WARRANTY OF MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR PURPOSE OR THAT THE USE OF PYTHON 1.6b1 WILL NOT INFRINGE ANY THIRD PARTY RIGHTS. + 5. CNRI SHALL NOT BE LIABLE TO LICENSEE OR ANY OTHER USERS OF THE SOFTWARE FOR ANY INCIDENTAL, SPECIAL, OR CONSEQUENTIAL DAMAGES OR LOSS AS A RESULT OF USING, MODIFYING OR DISTRIBUTING PYTHON 1.6b1, OR ANY DERIVATIVE THEREOF, EVEN IF ADVISED OF THE POSSIBILITY THEREOF. + 6. This License Agreement will automatically terminate upon a material breach of its terms and conditions. + 7. This License Agreement shall be governed by and interpreted in all respects by the law of the State of Virginia, excluding conflict of law provisions. Nothing in this License Agreement shall be deemed to create any relationship of agency, partnership, or joint venture between CNRI and Licensee. This License Agreement does not grant permission to use CNRI trademarks or trade name in a trademark sense to endorse or promote products or services of Licensee, or any third party. + 8. By clicking on the "ACCEPT" button where indicated, or by copying, installing or otherwise using Python 1.6b1, Licensee agrees to be bound by the terms and conditions of this License Agreement. +Copyright (c) 1991 - 1995, Stichting Mathematisch Centrum Amsterdam, The Netherlands. All rights reserved. +Permission to use, copy, modify, and distribute this software and its documentation for any purpose and without fee is hereby granted, provided that the above copyright notice appear in all copies and that both that copyright notice and this permission notice appear in supporting documentation, and that the name of Stichting Mathematisch Centrum or CWI not be used in advertising or publicity pertaining to distribution of the software without specific, written prior permission. +STICHTING MATHEMATISCH CENTRUM DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS, IN NO EVENT SHALL STICHTING MATHEMATISCH CENTRUM BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + -------------------------------------------------------------------------------- Package Title: urllib3 (1.26.19) @@ -6405,4 +6405,4 @@ Public Domain -------------------------------------------------------------------------------- -------------------------------------------------------------------------------- -Report Generated by FOSSA on 2024-8-14 +Report Generated by FOSSA on 2024-8-28 diff --git a/pyproject.toml b/pyproject.toml index 3482828a..00a09fda 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -16,7 +16,7 @@ [tool.poetry] name = "pytest-splunk-addon" -version = "5.4.0-beta.1" +version = "5.4.0-beta.2" description = "A Dynamic test tool for Splunk Apps and Add-ons" authors = ["Splunk "] license = "APACHE-2.0" diff --git a/pytest_splunk_addon/__init__.py b/pytest_splunk_addon/__init__.py index ef3c5d55..f5d629da 100644 --- a/pytest_splunk_addon/__init__.py +++ b/pytest_splunk_addon/__init__.py @@ -18,4 +18,4 @@ __author__ = """Splunk Inc.""" __email__ = "addonfactory@splunk.com" -__version__ = "5.4.0-beta.1" +__version__ = "5.4.0-beta.2"