Posted to commits@metron.apache.org by ma...@apache.org on 2017/06/26 17:27:28 UTC

[07/18] metron git commit: METRON-962 Configuration Based Unit Tests and Add integration tests (justinleet via leet) closes apache/metron#612

http://git-wip-us.apache.org/repos/asf/metron/blob/5b72da7b/metron-platform/metron-parsers/src/test/resources/logData/LancopeParserTest.txt
----------------------------------------------------------------------
diff --git a/metron-platform/metron-parsers/src/test/resources/logData/LancopeParserTest.txt b/metron-platform/metron-parsers/src/test/resources/logData/LancopeParserTest.txt
new file mode 100644
index 0000000..0e4bf74
--- /dev/null
+++ b/metron-platform/metron-parsers/src/test/resources/logData/LancopeParserTest.txt
@@ -0,0 +1 @@
+{"message":"<131>Jul 17 15:59:01 smc-01 StealthWatch[12365]: 2014-07-17T15:58:30Z 10.40.10.254 0.0.0.0 Minor High Concern Index The host's concern index has either exceeded the CI threshold or rapidly increased. Observed 36.55M points. Policy maximum allows up to 20M points.","@version":"1","@timestamp":"2014-07-17T15:56:05.992Z","type":"syslog","host":"10.122.196.201"}
\ No newline at end of file

http://git-wip-us.apache.org/repos/asf/metron/blob/5b72da7b/metron-platform/metron-parsers/src/test/resources/logData/PaloAltoFirewallParserTest.txt
----------------------------------------------------------------------
diff --git a/metron-platform/metron-parsers/src/test/resources/logData/PaloAltoFirewallParserTest.txt b/metron-platform/metron-parsers/src/test/resources/logData/PaloAltoFirewallParserTest.txt
new file mode 100644
index 0000000..c58bcc8
--- /dev/null
+++ b/metron-platform/metron-parsers/src/test/resources/logData/PaloAltoFirewallParserTest.txt
@@ -0,0 +1,2 @@
+<11>Jan  5 05:38:59 PAN1.exampleCustomer.com 1,2015/01/05 05:38:58,0006C110285,THREAT,vulnerability,1,2015/01/05 05:38:58,10.0.0.115,216.0.10.198,0.0.0.0,0.0.0.0,EX-Allow,example\\user.name,,web-browsing,vsys1,internal,external,ethernet1/2,ethernet1/1,LOG-Default,2015/01/05 05:38:58,12031,1,54180,80,0,0,0x80004000,tcp,reset-both,\"ad.aspx?f=300x250&id=12;tile=1;ord=67AF705D60B1119C0F18BEA336F9\",HTTP: IIS Denial Of Service Attempt(40019),any,high,client-to-server,347368099,0x0,10.0.0.0-10.255.255.255,US,0,,1200568889751109656,,
+<14>Jan  5 12:51:34 PAN1.exampleCustomer.com 1,2015/01/05 12:51:33,0011C103117,TRAFFIC,end,1,2015/01/05 12:51:33,10.0.0.39,10.1.0.163,0.0.0.0,0.0.0.0,EX-Allow,,example\\user.name,ms-ds-smb,vsys1,v_external,v_internal,ethernet1/2,ethernet1/1,LOG-Default,2015/01/05 12:51:33,33760927,1,52688,445,0,0,0x401a,tcp,allow,2229,1287,942,10,2015/01/05 12:51:01,30,any,0,17754932062,0x0,10.0.0.0-10.255.255.255,10.0.0.0-10.255.255.255,0,6,4
\ No newline at end of file
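Review bot: The `\"` and `\\` sequences in the two added lines (`\"ad.aspx?...\"` in the THREAT record, `example\\user.name` in both) look like escapes carried over from a Java string literal; in a plain-text resource they are literal backslashes, so the parser test would run against input that differs from what the firewall actually emits. Unless the test harness unescapes the file on load (not visible in this diff), store the raw form, e.g. `example\user.name` and `"ad.aspx?f=300x250&id=12;tile=1;ord=67AF705D60B1119C0F18BEA336F9"`. The same applies to the third line of SourcefireParserTest.txt (`\"MALWARE-CNC ...\"` and `\"172.19.50.7\"`). For a log parser this matters because quote and backslash handling in the user and URL fields is where field-splitting mistakes tend to go unnoticed.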

http://git-wip-us.apache.org/repos/asf/metron/blob/5b72da7b/metron-platform/metron-parsers/src/test/resources/logData/SourcefireParserTest.txt
----------------------------------------------------------------------
diff --git a/metron-platform/metron-parsers/src/test/resources/logData/SourcefireParserTest.txt b/metron-platform/metron-parsers/src/test/resources/logData/SourcefireParserTest.txt
new file mode 100644
index 0000000..af257aa
--- /dev/null
+++ b/metron-platform/metron-parsers/src/test/resources/logData/SourcefireParserTest.txt
@@ -0,0 +1,3 @@
+SFIMS: [Primary Detection Engine (a7213248-6423-11e3-8537-fac6a92b7d9d)][MTD Access Control] Connection Type: Start, User: Unknown, Client: Unknown, Application Protocol: Unknown, Web App: Unknown, Firewall Rule Name: MTD Access Control, Firewall Rule Action: Allow, Firewall Rule Reasons: Unknown, URL Category: Unknown, URL_Reputation: Risk unknown, URL: Unknown, Interface Ingress: s1p1, Interface Egress: N/A, Security Zone Ingress: Unknown, Security Zone Egress: N/A, Security Intelligence Matching IP: None, Security Intelligence Category: None, {TCP} 72.163.0.129:60517 -> 10.1.128.236:443
+snort: [1:3192:2] WEB-CLIENT Windows Media Player directory traversal via Content-Disposition attempt [Classification: Attempted User Privilege Gain] [Priority: 1] {TCP} 46.149.110.103:80 -> 192.168.56.102:1073
+SFIMS: Correlation Event: Open Soc Log Forwarding/Opensoc Log Forwarding at Thu Oct 23 04:55:39 2014 UTC: [1:19123:7] \"MALWARE-CNC Dropper Win.Trojan.Cefyns.A variant outbound connection\" [Impact: Unknown] From \"172.19.50.7\" at Thu Oct 23 04:55:38 2014 UTC [Classification: A Network Trojan was Detected] [Priority: 1] {tcp} 139.230.245.23:52078->72.52.4.91:80
\ No newline at end of file
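Review bot: Several addresses in these fixtures are publicly routable (`72.163.0.129`, `46.149.110.103`, `139.230.245.23` and `72.52.4.91` here, `216.0.10.198` in PaloAltoFirewallParserTest.txt) and sit next to detection names, which suggests the lines may have been taken from real captures. If so, confirm they were sanitised before landing in a public repository, and consider replacing them with RFC 5737 documentation ranges (`192.0.2.0/24`, `198.51.100.0/24`, `203.0.113.0/24`), updating any expected values in the tests to match. The hostname `PAN1.exampleCustomer.com` already looks scrubbed, so this would make the fixtures consistent.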

http://git-wip-us.apache.org/repos/asf/metron/blob/5b72da7b/metron-platform/metron-pcap/src/test/java/org/apache/metron/pcap/utils/PcapUtilsTest.java
----------------------------------------------------------------------
diff --git a/metron-platform/metron-pcap/src/test/java/org/apache/metron/pcap/utils/PcapUtilsTest.java b/metron-platform/metron-pcap/src/test/java/org/apache/metron/pcap/utils/PcapUtilsTest.java
index 39fa5fd..5704d76 100644
--- a/metron-platform/metron-pcap/src/test/java/org/apache/metron/pcap/utils/PcapUtilsTest.java
+++ b/metron-platform/metron-pcap/src/test/java/org/apache/metron/pcap/utils/PcapUtilsTest.java
@@ -17,7 +17,7 @@
  */
 package org.apache.metron.pcap.utils;
 
-import junit.framework.Assert;
+import org.junit.Assert;
 import org.junit.Test;
 
 public class PcapUtilsTest {