Skip to content

Commit

Permalink
Merge branch '4.8.0' into fix/5403-include-expected-warnings
Browse files Browse the repository at this point in the history
  • Loading branch information
Rebits committed May 23, 2024
2 parents 2282d29 + 266ce16 commit b969701
Show file tree
Hide file tree
Showing 9 changed files with 166 additions and 65 deletions.
3 changes: 3 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@ All notable changes to this project will be documented in this file.
### Changed

- Include "Agent key already in use" in the E2E Vulnerability Detection expected error list. ([#5409](https://github.com/wazuh/wazuh-qa/pull/5409)) \- (Tests)
- Update vulnerability state index name ([#5402](https://github.com/wazuh/wazuh-qa/pull/5402)) \- (Framework)
- Include new package information from wdb ([#5350](https://github.com/wazuh/wazuh-qa/pull/5350)) \- (Tests)
- Disable debug evidences for Vulnerability Detector E2E tests by default ([#5331](https://github.com/wazuh/wazuh-qa/pull/5331)) \- (Tests)
- Include CVE-2023-4822 vulnerability to grafana packages ([#5332](https://github.com/wazuh/wazuh-qa/pull/5332)) \- (Framework)
Expand Down Expand Up @@ -63,6 +64,7 @@ All notable changes to this project will be documented in this file.

### Fixed

- Remove false positive from E2E Vulnerability Detection tests ([#5369](https://github.com/wazuh/wazuh-qa/pull/5369)) \- (Framework)
- Fix multigroups guess system test ([#5396](https://github.com/wazuh/wazuh-qa/pull/5396)) \- (Tests)
- Fix hotfixes syscollector agent simulator messages ([#5379](https://github.com/wazuh/wazuh-qa/pull/5379)) \- (Framework)
- Fix restart agent in change manager Vulnerability Detector E2E test case ([#5355](https://github.com/wazuh/wazuh-qa/pull/5355)) \- (Tests)
Expand Down Expand Up @@ -108,6 +110,7 @@ All notable changes to this project will be documented in this file.
- Fix test cluster performance. ([#4780](https://github.com/wazuh/wazuh-qa/pull/4780)) \- (Framework)
- Fixed the graphic generation for the logcollectord statistics files. ([#5021](https://github.com/wazuh/wazuh-qa/pull/5021)) \- (Framework)

## [4.7.5] - TBD

## [4.7.4] - 29/04/2024

Expand Down
37 changes: 35 additions & 2 deletions deps/wazuh_testing/wazuh_testing/end_to_end/indexer_api.py
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,19 @@
This module provides functions to interact with the Wazuh Indexer API.
Functions:
- get_indexer_values: Retrieves values from the Indexer API.
- get_wazuh_states_vulnerabilities_indexname(cluster_name: str) -> str:
Generate the Wazuh states vulnerabilities index name for a given cluster.
- create_vulnerability_states_indexer_filter(target_agent: str = None,
greater_than_timestamp: str = None) -> dict
Create a filter for the Indexer API for the vulnerability state index.
- create_alerts_filter(target_agent: str = None, greater_than_timestamp: str = None) -> dict
Create a filter for the Indexer API for the alerts index.
- get_indexer_values(host_manager: HostManager, credentials: dict = {'user': 'admin', 'password': 'changeme'},
index: str = 'wazuh-alerts*', filter: dict = None, size: int = 10000) -> Dict
Get values from the Wazuh Indexer API.
- delete_index(host_manager: HostManager, credentials: dict = {'user': 'admin', 'password': 'changeme'},
index: str = 'wazuh-alerts*')
Delete index from the Wazuh Indexer API.
Copyright (C) 2015, Wazuh Inc.
Created by Wazuh, Inc. <info@wazuh.com>.
Expand All @@ -18,7 +30,28 @@
from wazuh_testing.tools.system import HostManager


WAZUH_STATES_VULNERABILITIES_INDEXNAME = 'wazuh-states-vulnerabilities'
WAZUH_STATES_VULNERABILITIES_INDEXNAME_TEMPLATE = 'wazuh-states-vulnerabilities-{cluster_name}'


def get_wazuh_states_vulnerabilities_indexname(cluster_name: str = 'wazuh') -> str:
"""
Generate the Wazuh states vulnerabilities index name for a given cluster.
This function takes a cluster name as input and returns the corresponding
Wazuh states vulnerabilities index name by inserting the cluster name into
a predefined template.
Args:
cluster_name (str): The name of the cluster to be included in the index name.
Returns:
str: The formatted Wazuh states vulnerabilities index name.
Example:
>>> get_wazuh_states_vulnerabilities_indexname('cluster1')
'wazuh-states-vulnerabilities-cluster1'
"""
return WAZUH_STATES_VULNERABILITIES_INDEXNAME_TEMPLATE.format(cluster_name=cluster_name)


def create_vulnerability_states_indexer_filter(target_agent: str = None,
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@

from wazuh_testing.tools.system import HostManager
from wazuh_testing.end_to_end.indexer_api import get_indexer_values, create_vulnerability_states_indexer_filter, \
create_alerts_filter, WAZUH_STATES_VULNERABILITIES_INDEXNAME
create_alerts_filter, get_wazuh_states_vulnerabilities_indexname
from wazuh_testing.end_to_end.regex import REGEX_PATTERNS
from collections import namedtuple

Expand Down Expand Up @@ -275,7 +275,7 @@ def parse_vulnerability_from_state(state):


def get_vulnerabilities_from_states_by_agent(host_manager: HostManager, agents: List[str],
greater_than_timestamp: str = None) -> dict:
greater_than_timestamp: str = None, cluster_name='wazuh') -> dict:
"""Get vulnerabilities from the vulnerability state index by agent.
Args:
Expand All @@ -302,11 +302,12 @@ def get_vulnerabilities_from_states_by_agent(host_manager: HostManager, agents:
for agent in agents:
agent_all_vulnerabilities = []
try:
index = get_wazuh_states_vulnerabilities_indexname(cluster_name)
states_filter = create_vulnerability_states_indexer_filter(target_agent=agent,
greater_than_timestamp=greater_than_timestamp)
agent_all_vulnerabilities = get_indexer_values(host_manager,
filter=states_filter,
index=WAZUH_STATES_VULNERABILITIES_INDEXNAME,
index=index,
credentials={'user': indexer_user,
'password': indexer_password}
)['hits']['hits']
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,7 @@
"CVE-2022-31097",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-3128",
"CVE-2023-4822"
"CVE-2023-3128"
],
"urls": {
"ubuntu": {
Expand Down Expand Up @@ -63,8 +62,7 @@
"CVE-2022-31097",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-3128",
"CVE-2023-4822"
"CVE-2023-3128"
],
"urls": {
"centos": {
Expand Down Expand Up @@ -95,7 +93,7 @@
"CVE-2022-31097",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2023-3128"
],
"urls": {
"ubuntu": {
Expand Down Expand Up @@ -126,7 +124,7 @@
"CVE-2022-31097",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2023-3128"
],
"urls": {
"centos": {
Expand All @@ -136,6 +134,30 @@
},
"uninstall_name": "grafana*"
},
"grafana-8.5.27": {
"package_name": "grafana",
"package_version": "8.5.27",
"CVE": [],
"urls": {
"ubuntu": {
"amd64": "https://dl.grafana.com/oss/release/grafana_8.5.27_amd64.deb",
"arm64v8": "https://dl.grafana.com/oss/release/grafana_8.5.27_arm64.deb"
}
},
"uninstall_name": "grafana*"
},
"grafana-8.5.27-1": {
"package_name": "grafana",
"package_version": "8.5.27-1",
"CVE": [],
"urls": {
"centos": {
"amd64": "https://dl.grafana.com/oss/release/grafana-8.5.27-1.x86_64.rpm",
"arm64v8": "https://dl.grafana.com/oss/release/grafana-8.5.27-1.aarch64.rpm"
}
},
"uninstall_name": "grafana*"
},
"grafana-9.1.1": {
"package_name": "grafana",
"package_version": "9.1.1",
Expand All @@ -152,8 +174,7 @@
"CVE-2022-31130",
"CVE-2022-31123",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2022-23498"
],
"urls": {
"ubuntu": {
Expand All @@ -179,8 +200,7 @@
"CVE-2022-31130",
"CVE-2022-31123",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2022-23498"
],
"urls": {
"centos": {
Expand All @@ -206,8 +226,7 @@
"CVE-2022-39307",
"CVE-2022-39306",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2022-23498"
],
"urls": {
"ubuntu": {
Expand All @@ -233,8 +252,7 @@
"CVE-2022-39307",
"CVE-2022-39306",
"CVE-2022-23552",
"CVE-2022-23498",
"CVE-2023-4822"
"CVE-2022-23498"
],
"urls": {
"centos": {
Expand Down Expand Up @@ -292,26 +310,26 @@
},
"uninstall_name": "grafana*"
},
"grafana-10.0.0": {
"grafana-9.5.17": {
"package_name": "grafana",
"package_version": "10.0.0",
"CVE": ["CVE-2023-4822", "CVE-2023-4399", "CVE-2023-4822"],
"package_version": "9.5.17",
"CVE": [],
"urls": {
"ubuntu": {
"amd64": "https://dl.grafana.com/oss/release/grafana_10.0.0_amd64.deb",
"arm64v8": "https://dl.grafana.com/oss/release/grafana_10.0.0_arm64.deb"
"amd64": "https://dl.grafana.com/oss/release/grafana_9.5.17_amd64.deb",
"arm64v8": "https://dl.grafana.com/oss/release/grafana_9.5.17_arm64.deb"
}
},
"uninstall_name": "grafana*"
},
"grafana-10.0.0-1": {
"grafana-9.5.17-1": {
"package_name": "grafana",
"package_version": "10.0.0-1",
"CVE": ["CVE-2023-4822", "CVE-2023-4399", "CVE-2023-4822"],
"package_version": "9.5.17-1",
"CVE": [],
"urls": {
"centos": {
"amd64": "https://dl.grafana.com/oss/release/grafana-10.0.0-1.x86_64.rpm",
"arm64v8": "https://dl.grafana.com/oss/release/grafana-10.0.0-1.aarch64.rpm"
"amd64": "https://dl.grafana.com/oss/release/grafana-9.5.17-1.x86_64.rpm",
"arm64v8": "https://dl.grafana.com/oss/release/grafana-9.5.17-1.aarch64.rpm"
}
},
"uninstall_name": "grafana*"
Expand Down
2 changes: 1 addition & 1 deletion deps/wazuh_testing/wazuh_testing/qa_docs/schema.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -200,8 +200,8 @@ predefined_values:
- 4.7.2
- 4.7.3
- 4.7.4
- 4.7.5
- 4.8.0

tags:
- active_response
- agentd
Expand Down
19 changes: 10 additions & 9 deletions deps/wazuh_testing/wazuh_testing/tools/performance/statistic.py
Original file line number Diff line number Diff line change
Expand Up @@ -154,8 +154,9 @@ def _parse_api_data(self):
"""Read the data generated by Wazuh API."""

API_URL = f"https://{self.ip}:{self.port}"
CLUSTER_NAME = 'wazuh'
DAEMONS_ENDPOINT= f"/manager/daemons/stats?daemons_list={self.daemon}&wait_for_complete=true"
VULNS_ENDOPOINT= f"/wazuh-states-vulnerabilities/_count"
VULNS_ENDOPOINT= f"/wazuh-states-vulnerabilities-{CLUSTER_NAME}/_count"
ALERTS_ENDPOINT= f"/wazuh-alerts-4.x-*/_count"
TOKEN_ENDPOINT="/security/user/authenticate"

Expand All @@ -164,7 +165,7 @@ def _parse_api_data(self):
max_retries = 3
token_response = None
daemon_response = None
data = None
data = None

if(self.target == "vulnerabilities"):
for _ in range(max_retries):
Expand Down Expand Up @@ -244,22 +245,22 @@ def _write_csv(self, data, target, csv_file):
csv_header = headers.agentd_header

header = not isfile(csv_file)

with open(csv_file, 'a+') as log:

if header:
log.write(f'{",".join(csv_header)}\n')

timestamp = datetime.fromtimestamp(time()).strftime('%Y-%m-%d %H:%M:%S')

if self.use_state_file == False:
if target not in ["vulnerabilities", "alerts"]:
format = r"%Y-%m-%dT%H:%M:%S+%f:00"
datetime_timestamp = datetime.strptime(data['timestamp'], format)
datetime_uptime = datetime.strptime(data['uptime'], format)
interval = (datetime_timestamp - datetime_uptime).total_seconds()

if target == "analysis":
if target == "analysis":
metrics = data['metrics']
decoded = metrics['events']['received_breakdown']['decoded_breakdown']
decoded_modules = decoded['modules_breakdown']
Expand Down Expand Up @@ -425,11 +426,11 @@ def _write_csv(self, data, target, csv_file):
ag_bd['tables']['syscheck']['fim_file'], # 17
ag_bd['tables']['syscheck']['fim_registry'], # 18
ag_bd['tables']['syscheck']['fim_registry_key'], # 19
ag_bd['tables']['syscheck']['fim_registry_value'], # 20
ag_bd['tables']['syscheck']['fim_registry_value'], # 20
ag_bd['tables']['syscollector']['syscollector_hotfixes'], # 21
ag_bd['tables']['syscollector']['syscollector_hwinfo'], # 22
ag_bd['tables']['syscollector']['syscollector_hwinfo'], # 22
ag_bd['tables']['syscollector']['syscollector_network_address'], # 23
ag_bd['tables']['syscollector']['syscollector_network_iface'], # 24
ag_bd['tables']['syscollector']['syscollector_network_iface'], # 24
ag_bd['tables']['syscollector']['syscollector_network_protocol'], # 25
ag_bd['tables']['syscollector']['syscollector_osinfo'], # 26
ag_bd['tables']['syscollector']['syscollector_packages'], # 27
Expand All @@ -438,7 +439,7 @@ def _write_csv(self, data, target, csv_file):
vulnerability_data, # 30
received_breakdown['global'], # 31
glob_bd['db']['backup'], # 32
glob_bd['db']['sql'], # 33
glob_bd['db']['sql'], # 33
glob_bd['db']['vacuum'], # 34
glob_bd['db']['get_fragmentation'], # 35
glob_bd['tables']['agent']['delete-agent'], # 36
Expand Down
10 changes: 10 additions & 0 deletions deps/wazuh_testing/wazuh_testing/tools/system.py
Original file line number Diff line number Diff line change
Expand Up @@ -884,6 +884,16 @@ def get_api_credentials(self):

return user, password

def get_cluster_name(self):
manager_list = self.get_group_hosts('manager')
if not manager_list:
raise ValueError("No manager is defined in the environment")

first_manager_vars = self.inventory_manager.get_host(manager_list[0])
cluster_name = first_manager_vars.vars.get('cluster_name', 'wazuh')

return cluster_name

def get_indexer_credentials(self):
default_user = 'admin'
default_password = 'changeme'
Expand Down
Loading

0 comments on commit b969701

Please sign in to comment.