From 76e0d16e4cd316502313c8b5f15c6dc8ca4d54c8 Mon Sep 17 00:00:00 2001 From: "opensearch-trigger-bot[bot]" <98922864+opensearch-trigger-bot[bot]@users.noreply.github.com> Date: Mon, 26 Feb 2024 17:47:11 +0800 Subject: [PATCH] [2.12] Update security analytics tests (#1085) (#1086) * updated tests Signed-off-by: Amardeepsingh Siglani * updated tests Signed-off-by: Amardeepsingh Siglani * updated tests Signed-off-by: Amardeepsingh Siglani * updated intercepts Signed-off-by: Amardeepsingh Siglani * fixed lint errors Signed-off-by: Amardeepsingh Siglani * updated tests Signed-off-by: Amardeepsingh Siglani * fixed incorrect intercept setup Signed-off-by: Amardeepsingh Siglani * updated rules test Signed-off-by: Amardeepsingh Siglani --------- Signed-off-by: Amardeepsingh Siglani (cherry picked from commit 14400ed76ca9a064bb75090ce2292b2688a37a05) Co-authored-by: Amardeepsingh Siglani --- .../1_detectors.spec.js | 88 +++++++++---------- .../2_rules.spec.js | 85 +++++++----------- .../3_alerts.spec.js | 59 +++---------- .../4_findings.spec.js | 2 +- .../constants.js | 18 ++++ .../helpers.js | 16 ++++ 6 files changed, 127 insertions(+), 141 deletions(-) create mode 100644 cypress/utils/plugins/security-analytics-dashboards-plugin/helpers.js diff --git a/cypress/integration/plugins/security-analytics-dashboards-plugin/1_detectors.spec.js b/cypress/integration/plugins/security-analytics-dashboards-plugin/1_detectors.spec.js index 823d2f84e..bb2244e46 100644 --- a/cypress/integration/plugins/security-analytics-dashboards-plugin/1_detectors.spec.js +++ b/cypress/integration/plugins/security-analytics-dashboards-plugin/1_detectors.spec.js @@ -7,6 +7,10 @@ import { NODE_API, OPENSEARCH_DASHBOARDS_URL, } from '../../../utils/plugins/security-analytics-dashboards-plugin/constants'; +import { + getLogTypeLabel, + setupIntercept, +} from '../../../utils/plugins/security-analytics-dashboards-plugin/helpers'; import sample_windows_index_settings from '../../../fixtures/plugins/security-analytics-dashboards-plugin/sample_windows_index_settings.json'; import sample_dns_index_settings from '../../../fixtures/plugins/security-analytics-dashboards-plugin/sample_dns_index_settings.json'; import dns_name_rule_data from '../../../fixtures/plugins/security-analytics-dashboards-plugin/integration_tests/rule/create_dns_rule_with_name_selection.json'; @@ -18,6 +22,7 @@ const cypressIndexDns = 'cypress-index-dns'; const cypressIndexWindows = 'cypress-index-windows'; const detectorName = 'test detector'; const cypressLogTypeDns = 'dns'; +const creationFailedMessage = 'Create detector failed.'; const cypressDNSRule = dns_name_rule_data.title; @@ -39,7 +44,7 @@ const dataSourceLabel = 'Select or input source indexes or index patterns'; const getDataSourceField = () => cy.sa_getFieldByLabel(dataSourceLabel); -const logTypeLabel = 'Select a log type you would like to detect'; +const logTypeLabel = 'Log type'; const getLogTypeField = () => cy.sa_getFieldByLabel(logTypeLabel); @@ -133,25 +138,39 @@ const validatePendingFieldMappingsPanel = (mappings) => { }); }; -const fillDetailsForm = (detectorName, dataSource) => { +const fillDetailsForm = ( + detectorName, + dataSource, + isCustomDataSource = false +) => { getNameField().type(detectorName); - getDataSourceField().sa_selectComboboxItem(dataSource); + + if (isCustomDataSource) { + getDataSourceField() + .focus() + .type(dataSource + '{enter}'); + } else { + getDataSourceField().sa_selectComboboxItem(dataSource); + } + getDataSourceField().focus().blur(); - getLogTypeField().sa_selectComboboxItem(cypressLogTypeDns); + getLogTypeField().sa_selectComboboxItem(getLogTypeLabel(cypressLogTypeDns)); getLogTypeField().focus().blur(); }; const createDetector = (detectorName, dataSource, expectFailure) => { getCreateDetectorButton().click({ force: true }); - fillDetailsForm(detectorName, dataSource); + fillDetailsForm(detectorName, dataSource, expectFailure); cy.sa_getElementByText( '.euiAccordion .euiTitle', - 'Detection rules (14 selected)' + 'Selected detection rules (14)' ) .click({ force: true, timeout: 5000 }) - .then(() => cy.contains('.euiTable .euiTableRow', 'Dns')); + .then(() => + cy.contains('.euiTable .euiTableRow', getLogTypeLabel(cypressLogTypeDns)) + ); cy.sa_getElementByText('.euiAccordion .euiTitle', 'Field mapping - optional'); cy.get('[aria-controls="mappedTitleFieldsAccordion"]').then(($btn) => { @@ -168,21 +187,14 @@ const createDetector = (detectorName, dataSource, expectFailure) => { // Open the trigger details accordion cy.get('[data-test-subj="trigger-details-btn"]').click({ force: true }); cy.sa_getElementByText('.euiTitle.euiTitle--medium', 'Set up alert triggers'); - cy.sa_getInputByPlaceholder( - 'Enter a name to describe the alert condition' - ).type('test_trigger'); cy.sa_getElementByTestSubject('alert-tags-combo-box') .type(`attack.defense_evasion{enter}`) .find('input') .focus() .blur(); - cy.sa_getFieldByLabel('Specify alert severity').sa_selectComboboxItem( - '1 (Highest)' - ); - - cy.intercept('POST', NODE_API.MAPPINGS_BASE).as('createMappingsRequest'); - cy.intercept('POST', NODE_API.DETECTORS_BASE).as('createDetectorRequest'); + setupIntercept(cy, NODE_API.MAPPINGS_BASE, 'createMappingsRequest'); + setupIntercept(cy, NODE_API.DETECTORS_BASE, 'createDetectorRequest'); // create the detector cy.sa_getElementByText('button', 'Create').click({ force: true }); @@ -197,11 +209,6 @@ const createDetector = (detectorName, dataSource, expectFailure) => { cy.url() .should('contain', detectorId) .then(() => { - cy.sa_getElementByText( - '.euiCallOut', - `Detector created successfully: ${detectorName}` - ); - // Confirm detector state cy.sa_getElementByText('.euiTitle', detectorName); cy.sa_getElementByText('.euiHealth', 'Active').then(() => { @@ -217,7 +224,7 @@ const createDetector = (detectorName, dataSource, expectFailure) => { cy.wait(5000); // waiting for the page to be reloaded after pushing detector id into route cy.sa_getElementByText('button.euiTab', 'Alert triggers') .should('be.visible') - .click(); + .click({ force: true }); validateAlertPanel('Trigger 1'); }); }); @@ -265,7 +272,7 @@ describe('Detectors', () => { describe('...should validate form fields', () => { beforeEach(() => { - cy.intercept(NODE_API.SEARCH_DETECTORS).as('detectorsSearch'); + setupIntercept(cy, NODE_API.SEARCH_DETECTORS, 'detectorsSearch'); // Visit Detectors page before any test cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/detectors`); @@ -414,9 +421,7 @@ describe('Detectors', () => { describe('...validate create detector flow', () => { beforeEach(() => { - cy.intercept(NODE_API.SEARCH_DETECTORS) - .as('detectorsSearch') - .as('detectorsSearch'); + setupIntercept(cy, NODE_API.SEARCH_DETECTORS, 'detectorsSearch'); // Visit Detectors page before any test cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/detectors`); @@ -425,16 +430,16 @@ describe('Detectors', () => { it('...can fail creation', () => { createDetector(`${detectorName}_fail`, '.kibana_1', true); - cy.sa_getElementByText('.euiCallOut', 'Create detector failed.'); + cy.sa_getElementByText('.euiCallOut', creationFailedMessage); }); it('...can be created', () => { createDetector(detectorName, cypressIndexDns, false); - cy.sa_getElementByText('.euiCallOut', 'Detector created successfully'); + cy.contains(creationFailedMessage).should('not.exist'); }); it('...basic details can be edited', () => { - cy.intercept('GET', NODE_API.INDICES_BASE).as('getIndices'); + setupIntercept(cy, NODE_API.INDICES_BASE, 'getIndices', 'GET'); openDetectorDetails(detectorName); editDetectorDetails(detectorName, 'Detector details'); @@ -494,10 +499,13 @@ describe('Detectors', () => { }); xit('...should update field mappings if data source is changed', () => { - cy.intercept( - `${NODE_API.MAPPINGS_VIEW}?indexName=cypress-index-dns&ruleTopic=dns` - ).as('getMappingsView'); - cy.intercept('GET', NODE_API.INDICES_BASE).as('getIndices'); + setupIntercept( + cy, + `${NODE_API.MAPPINGS_VIEW}?indexName=cypress-index-dns&ruleTopic=dns`, + 'getMappingsView', + 'GET' + ); + setupIntercept(cy, NODE_API.INDICES_BASE, 'getIndices', 'GET'); openDetectorDetails(detectorName); editDetectorDetails(detectorName, 'Detector details'); @@ -519,9 +527,7 @@ describe('Detectors', () => { }); xit('...should show field mappings if rule selection is changed', () => { - cy.intercept( - `${NODE_API.MAPPINGS_VIEW}?indexName=cypress-index-windows&ruleTopic=dns` - ).as('getMappingsView'); + setupIntercept(cy, `${NODE_API.MAPPINGS_VIEW}`, 'getMappingsView', 'GET'); openDetectorDetails(detectorName); @@ -544,22 +550,16 @@ describe('Detectors', () => { }); it('...can be deleted', () => { - cy.intercept(`${NODE_API.RULES_BASE}/_search?prePackaged=true`).as( - 'getSigmaRules' - ); - cy.intercept(`${NODE_API.RULES_BASE}/_search?prePackaged=false`).as( - 'getCustomRules' - ); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'getSigmaRules'); openDetectorDetails(detectorName); cy.wait('@detectorsSearch'); - cy.wait('@getCustomRules'); cy.wait('@getSigmaRules'); cy.sa_getButtonByText('Actions') .click({ force: true }) .then(() => { - cy.intercept(`${NODE_API.DETECTORS_BASE}/_search`).as('detectors'); + setupIntercept(cy, `${NODE_API.DETECTORS_BASE}/_search`, 'detectors'); cy.sa_getElementByText('.euiContextMenuItem', 'Delete').click({ force: true, }); diff --git a/cypress/integration/plugins/security-analytics-dashboards-plugin/2_rules.spec.js b/cypress/integration/plugins/security-analytics-dashboards-plugin/2_rules.spec.js index b1831cfc9..43f027a07 100644 --- a/cypress/integration/plugins/security-analytics-dashboards-plugin/2_rules.spec.js +++ b/cypress/integration/plugins/security-analytics-dashboards-plugin/2_rules.spec.js @@ -7,6 +7,10 @@ import { NODE_API, OPENSEARCH_DASHBOARDS_URL, } from '../../../utils/plugins/security-analytics-dashboards-plugin/constants'; +import { + getLogTypeLabel, + setupIntercept, +} from '../../../utils/plugins/security-analytics-dashboards-plugin/helpers'; const uniqueId = Cypress._.random(0, 1e6); const SAMPLE_RULE = { @@ -72,7 +76,7 @@ const checkRulesFlyout = () => { // Validate log type cy.get('[data-test-subj="rule_flyout_rule_log_type"]').contains( - SAMPLE_RULE.logType + getLogTypeLabel(SAMPLE_RULE.logType) ); // Validate description @@ -170,10 +174,6 @@ const getListRadioField = () => cy.get('[for="selection-map-list-0-0"]'); const getTextRadioField = () => cy.get('[for="selection-map-value-0-0"]'); const getConditionField = () => cy.get('[data-test-subj="rule_detection_field"]'); -const getConditionAddButton = () => - cy.get('[data-test-subj="condition-add-selection-btn"]'); -const getConditionRemoveButton = (index) => - cy.get(`[data-test-subj="selection-exp-field-item-remove-${index}"]`); const getRuleSubmitButton = () => cy.get('[data-test-subj="submit_rule_form_button"]'); const getTagField = (index) => @@ -196,7 +196,7 @@ const fillCreateForm = () => { getAuthorField().type(`${SAMPLE_RULE.author}`); // rule details - getLogTypeField().sa_selectComboboxItem(SAMPLE_RULE.logType); + getLogTypeField().sa_selectComboboxItem(getLogTypeLabel(SAMPLE_RULE.logType)); getRuleLevelField().sa_selectComboboxItem(SAMPLE_RULE.severity); // rule detection @@ -208,8 +208,6 @@ const fillCreateForm = () => { getMapValueField().type('FieldValue'); }); - getConditionAddButton().click({ force: true }); - // rule additional details SAMPLE_RULE.tags.forEach((tag, idx) => { getTagField(idx).type(tag); @@ -226,9 +224,7 @@ describe('Rules', () => { describe('...should validate form fields', () => { beforeEach(() => { - cy.intercept(`${NODE_API.RULES_BASE}/_search?prePackaged=true`).as( - 'rulesSearch' - ); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'rulesSearch'); // Visit Rules page cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/rules`); cy.wait('@rulesSearch').should('have.property', 'state', 'Complete'); @@ -334,7 +330,9 @@ describe('Rules', () => { getLogTypeField().focus().blur(); getLogTypeField().sa_containsError('Log type is required'); - getLogTypeField().sa_selectComboboxItem(SAMPLE_RULE.logType); + getLogTypeField().sa_selectComboboxItem( + getLogTypeLabel(SAMPLE_RULE.logType) + ); getLogTypeField().focus().blur().sa_shouldNotHaveError(); }); @@ -379,13 +377,20 @@ describe('Rules', () => { it('...should validate selection map key field', () => { getSelectionPanelByIndex(0).within(() => { getMapKeyField().should('be.empty'); - getMapKeyField().focus().blur(); + getMapKeyField() + .focus() + .blur() + .parents('.euiFormRow__fieldWrapper') + .find('.euiFormErrorText') + .should('not.exist'); + + getMapKeyField().type('hello@'); getMapKeyField() .parentsUntil('.euiFormRow__fieldWrapper') .siblings() - .contains('Key name is required'); + .contains('Invalid key name'); - getMapKeyField().type('FieldKey'); + getMapKeyField().focus().type('{selectall}').type('FieldKey'); getMapKeyField() .focus() .blur() @@ -439,15 +444,8 @@ describe('Rules', () => { getRuleSubmitButton().click({ force: true }); getConditionField() .parents('.euiFormRow__fieldWrapper') - .contains('Condition is required'); - - getConditionAddButton().click({ force: true }); - getConditionField().find('.euiFormErrorText').should('not.exist'); - - getConditionRemoveButton(0).click({ force: true }); - getConditionField() - .parents('.euiFormRow__fieldWrapper') - .contains('Condition is required'); + .contains('Condition is required') + .should('not.exist'); }); it('...should validate tag field', () => { @@ -481,7 +479,9 @@ describe('Rules', () => { // log field getLogTypeField().sa_clearCombobox(); toastShouldExist(); - getLogTypeField().sa_selectComboboxItem(SAMPLE_RULE.logType); + getLogTypeField().sa_selectComboboxItem( + getLogTypeLabel(SAMPLE_RULE.logType) + ); // severity field getRuleLevelField().sa_clearCombobox(); @@ -506,7 +506,6 @@ describe('Rules', () => { getSelectionPanelByIndex(0).within(() => getMapKeyField().type('{selectall}').type('{backspace}') ); - toastShouldExist(); getSelectionPanelByIndex(0).within(() => getMapKeyField().type('FieldKey') ); @@ -531,11 +530,6 @@ describe('Rules', () => { getMapListField().type('FieldValue', { force: true }); }); - // condition field - getConditionRemoveButton(0).click({ force: true }); - toastShouldExist(); - getConditionAddButton().click({ force: true }); - // tags field getTagField(0).sa_clearValue().type('wrong.tag'); toastShouldExist(); @@ -545,9 +539,7 @@ describe('Rules', () => { describe('...should validate create rule flow', () => { beforeEach(() => { - cy.intercept(`${NODE_API.RULES_BASE}/_search?prePackaged=false`).as( - 'rulesSearch' - ); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'rulesSearch'); // Visit Rules page cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/rules`); cy.wait('@rulesSearch').should('have.property', 'state', 'Complete'); @@ -572,9 +564,7 @@ describe('Rules', () => { cy.get('[data-test-subj="rule_yaml_editor"]').contains(line) ); - cy.intercept({ - url: `${NODE_API.RULES_BASE}/_search?prePackaged=false`, - }).as('getRules'); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'getRules'); submitRule(); @@ -618,10 +608,12 @@ describe('Rules', () => { SAMPLE_RULE.logType = 'dns'; YAML_RULE_LINES[2] = `product: ${SAMPLE_RULE.logType}`; YAML_RULE_LINES[3] = `title: ${SAMPLE_RULE.name}`; - getLogTypeField().sa_selectComboboxItem(SAMPLE_RULE.logType); + getLogTypeField().sa_selectComboboxItem( + getLogTypeLabel(SAMPLE_RULE.logType) + ); getLogTypeField() .sa_containsValue(SAMPLE_RULE.logType) - .contains(SAMPLE_RULE.logType); + .contains(getLogTypeLabel(SAMPLE_RULE.logType)); SAMPLE_RULE.description += ' edited'; YAML_RULE_LINES[4] = `description: ${SAMPLE_RULE.description}`; @@ -629,9 +621,7 @@ describe('Rules', () => { getDescriptionField().type(SAMPLE_RULE.description); getDescriptionField().should('have.value', SAMPLE_RULE.description); - cy.intercept({ - url: `${NODE_API.RULES_BASE}/_search?prePackaged=false`, - }).as('getRules'); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'getRules'); submitRule(); @@ -645,13 +635,7 @@ describe('Rules', () => { }); it('...can be deleted', () => { - cy.intercept('POST', `${NODE_API.RULES_BASE}/_search?prePackaged=true`, { - delay: 5000, - }).as('getPrePackagedRules'); - - cy.intercept('POST', `${NODE_API.RULES_BASE}/_search?prePackaged=false`, { - delay: 5000, - }).as('getCustomRules'); + setupIntercept(cy, `${NODE_API.RULES_BASE}/_search`, 'getRules', 'POST'); cy.get(`input[placeholder="Search rules"]`).sa_ospSearch( SAMPLE_RULE.name @@ -677,8 +661,7 @@ describe('Rules', () => { ); cy.wait(5000); - cy.wait('@getCustomRules'); - cy.wait('@getPrePackagedRules'); + cy.wait('@getRules'); // Search for sample_detector, presumably deleted cy.wait(3000); diff --git a/cypress/integration/plugins/security-analytics-dashboards-plugin/3_alerts.spec.js b/cypress/integration/plugins/security-analytics-dashboards-plugin/3_alerts.spec.js index 8812d5c28..0f7de238e 100644 --- a/cypress/integration/plugins/security-analytics-dashboards-plugin/3_alerts.spec.js +++ b/cypress/integration/plugins/security-analytics-dashboards-plugin/3_alerts.spec.js @@ -13,6 +13,7 @@ import indexSettings from '../../../fixtures/plugins/security-analytics-dashboar import aliasMappings from '../../../fixtures/plugins/security-analytics-dashboards-plugin/sample_alias_mappings.json'; import indexDoc from '../../../fixtures/plugins/security-analytics-dashboards-plugin/sample_document.json'; import ruleSettings from '../../../fixtures/plugins/security-analytics-dashboards-plugin/integration_tests/rule/create_windows_usb_rule.json'; +import { setupIntercept } from '../../../utils/plugins/security-analytics-dashboards-plugin/helpers'; const indexName = 'test-index'; const detectorName = 'test-detector'; @@ -49,7 +50,7 @@ describe('Alerts', () => { beforeEach(() => { // Visit Alerts table page - cy.intercept(`${NODE_API.DETECTORS_BASE}/_search`).as('detectorsSearch'); + setupIntercept(cy, `${NODE_API.DETECTORS_BASE}/_search`, 'detectorsSearch'); // Visit Detectors page cy.visit(`${OPENSEARCH_DASHBOARDS_URL}/alerts`); cy.wait('@detectorsSearch').should('have.property', 'state', 'Complete'); @@ -103,6 +104,7 @@ describe('Alerts', () => { // Click the "View details" button for the first alert cy.get('[aria-label="View details"]').click({ force: true }); }); + cy.wait(3000); // Get the details flyout, and validate its content cy.get('[data-test-subj="alert-details-flyout"]').within(() => { @@ -138,14 +140,16 @@ describe('Alerts', () => { // Wait for the findings table to finish loading cy.contains('Findings (1)'); - cy.contains('Cypress USB Rule'); + cy.contains('Detection rules'); // Confirm alert findings contain expected values cy.get('tbody > tr').should(($tr) => { expect($tr, `timestamp`).to.contain(date); - expect($tr, `rule name`).to.contain('Cypress USB Rule'); + expect($tr, `detection type`).to.contain('Detection rules'); expect($tr, `detector name`).to.contain(testDetectorCfg.name); - expect($tr, `log type`).to.contain('System Activity: Windows'); + expect($tr, `log type`).to.contain( + 'System Activity: Microsoft Windows' + ); }); // Close the flyout @@ -167,9 +171,11 @@ describe('Alerts', () => { cy.get('[aria-label="View details"]').click({ force: true }); }); + cy.wait(3000); + cy.get('[data-test-subj="alert-details-flyout"]').within(() => { // Wait for findings table to finish loading - cy.contains('Cypress USB Rule'); + cy.contains('Detection rules'); // Click the details button for the first finding cy.get('tbody > tr') @@ -193,10 +199,10 @@ describe('Alerts', () => { date ); - // Confirm finding detector name + // Confirm finding detection type cy.get( - '[data-test-subj="finding-details-flyout-detector-link"]' - ).contains(testDetectorCfg.name); + '[data-test-subj="finding-details-flyout-detection-type"]' + ).contains('Detection rules'); // Confirm there's only 1 rule details accordion cy.get( @@ -429,42 +435,5 @@ describe('Alerts', () => { }); }); - it('detector name hyperlink on finding details flyout redirects to the detector details page', () => { - // Open first alert details flyout - cy.get('tbody > tr') - .first() - .within(() => { - // Click the "View details" button for the first alert - cy.get('[aria-label="View details"]').click({ force: true }); - }); - - cy.get('[data-test-subj="alert-details-flyout"]').within(() => { - // Wait for findings table to finish loading - cy.contains('Cypress USB Rule'); - - // Click the details button for the first finding - cy.get('tbody > tr') - .first() - .within(() => { - cy.get('[data-test-subj="finding-details-flyout-button"]').click({ - force: true, - }); - }); - }); - - cy.get('[data-test-subj="finding-details-flyout"]').within(() => { - // Click the detector name hyperlink - cy.get('[data-test-subj="finding-details-flyout-detector-link"]') - // Removing the "target" attribute so the link won't open a new tab. Cypress wouldn't test the new tab. - .invoke('removeAttr', 'target') - .click({ force: true }); - }); - - // Confirm the detector details page is for the expected detector - cy.get('[data-test-subj="detector-details-detector-name"]').contains( - testDetectorCfg.name - ); - }); - after(() => cy.sa_cleanUpTests()); }); diff --git a/cypress/integration/plugins/security-analytics-dashboards-plugin/4_findings.spec.js b/cypress/integration/plugins/security-analytics-dashboards-plugin/4_findings.spec.js index f692a6b52..c8d458992 100644 --- a/cypress/integration/plugins/security-analytics-dashboards-plugin/4_findings.spec.js +++ b/cypress/integration/plugins/security-analytics-dashboards-plugin/4_findings.spec.js @@ -55,7 +55,7 @@ describe('Findings', () => { cy.contains('No items found').should('not.exist'); // Check for expected findings - cy.contains('System Activity: Windows'); + cy.contains('System Activity: Microsoft Windows'); cy.contains('High'); }); diff --git a/cypress/utils/plugins/security-analytics-dashboards-plugin/constants.js b/cypress/utils/plugins/security-analytics-dashboards-plugin/constants.js index 79c637364..b9c853fbf 100644 --- a/cypress/utils/plugins/security-analytics-dashboards-plugin/constants.js +++ b/cypress/utils/plugins/security-analytics-dashboards-plugin/constants.js @@ -126,3 +126,21 @@ export const createDetector = ( return detectorConfig; }; + +export const logTypeLabels = { + cloudtrail: 'AWS Cloudtrail', + dns: 'DNS', + vpcflow: 'VPC Flow', + ad_ldap: 'AD/LDAP', + apache_access: 'Apache Access', + m365: 'Microsoft 365', + okta: 'Okta', + waf: 'WAF', + s3: 'AWS S3', + github: 'Github', + gworkspace: 'Google Workspace', + windows: 'Microsoft Windows', + network: 'Network', + linux: 'Linux System Logs', + azure: 'Microsoft Azure', +}; diff --git a/cypress/utils/plugins/security-analytics-dashboards-plugin/helpers.js b/cypress/utils/plugins/security-analytics-dashboards-plugin/helpers.js new file mode 100644 index 000000000..edc7cd4af --- /dev/null +++ b/cypress/utils/plugins/security-analytics-dashboards-plugin/helpers.js @@ -0,0 +1,16 @@ +/* + * Copyright OpenSearch Contributors + * SPDX-License-Identifier: Apache-2.0 + */ + +import { logTypeLabels } from './constants'; +import { startCase } from 'lodash'; + +export function getLogTypeLabel(name) { + return !name ? '-' : logTypeLabels[name.toLowerCase()] || startCase(name); +} + +export function setupIntercept(cy, url, interceptName, method = 'POST') { + const urlRegex = new RegExp(`.*${url}.*`); + cy.intercept(method, urlRegex).as(interceptName); +}