@SuppressWarnings("unchecked") @Test public void testParseInvalidVersionMessage() throws ParseException { final String invalidLengthMessage = "1,2017/08/11 12:37:58,008900008659,CONFIG,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded, config shared log-settings config"; JSONObject actual = parser.parse(invalidLengthMessage.getBytes()).get(0); String expectedParserVersion = actual.get(BasicPaloAltoFirewallParser.ParserVersion).toString(); assertEquals(expectedParserVersion, "0"); } }
@SuppressWarnings("rawtypes") @Test public void testTimestampParsing() throws ParseException { JSONObject parsed = parser.parse(fireeyeMessage.getBytes()).get(0); JSONParser parser = new JSONParser(); Map json = (Map) parser.parse(parsed.toJSONString()); long expectedTimestamp = ZonedDateTime.of(Year.now(ZoneOffset.UTC).getValue(), 3, 19, 5, 24, 39, 0, ZoneOffset.UTC).toInstant().toEpochMilli(); Assert.assertEquals(expectedTimestamp, json.get("timestamp")); } }
@SuppressWarnings("unchecked") @Test public void testParseInvalidLogTypeMessage() throws ParseException { final String unsupportedLogTypeMessage = "1,2017/08/11 12:37:58,008900008659,INVALIDlogType,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded, config shared log-settings config,1354,0x0"; List<JSONObject> actual = parser.parse(unsupportedLogTypeMessage.getBytes()); assertNull(actual); }
@SuppressWarnings("unchecked") @Test public void testParseConfig61NoCustomFields() throws ParseException { final String CONFIG_61_customFields = "1,2017/08/11 12:37:58,008900008659,CONFIG,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded, config shared log-settings config,1354,0x0"; JSONObject actual = parser.parse(CONFIG_61_customFields.getBytes()).get(0); JSONObject expected = new JSONObject(); expected.put(BasicPaloAltoFirewallParser.PaloAltoDomain, "1"); expected.put(BasicPaloAltoFirewallParser.ReceiveTime, "2017/08/11 12:37:58"); expected.put(BasicPaloAltoFirewallParser.SerialNum, "008900008659"); expected.put(BasicPaloAltoFirewallParser.Type, "CONFIG"); expected.put(BasicPaloAltoFirewallParser.ThreatContentType, "0"); expected.put(BasicPaloAltoFirewallParser.ConfigVersion, "1"); expected.put(BasicPaloAltoFirewallParser.GenerateTime, "2017/08/11 11:37:58"); expected.put(BasicPaloAltoFirewallParser.HOST, "192.168.14.162"); expected.put(BasicPaloAltoFirewallParser.VirtualSystem, "vsys1"); expected.put(BasicPaloAltoFirewallParser.Command, "edit"); expected.put(BasicPaloAltoFirewallParser.Admin, "admin"); expected.put(BasicPaloAltoFirewallParser.Client, "Web"); expected.put(BasicPaloAltoFirewallParser.Result, "Succeeded"); expected.put(BasicPaloAltoFirewallParser.ConfigurationPath, "config shared log-settings config"); expected.put(BasicPaloAltoFirewallParser.Seqno, "1354"); expected.put(BasicPaloAltoFirewallParser.ActionFlags, "0x0"); expected.put(BasicPaloAltoFirewallParser.ParserVersion, 61); expected.put("original_string", CONFIG_61_customFields); expected.put("timestamp", actual.get("timestamp")); assertEquals(expected, actual); }
@SuppressWarnings("unchecked") @Test public void testParseConfig61CustomFields() throws ParseException { final String CONFIG_61_noCustomFields = "1,2017/08/11 12:37:58,008900008659,CONFIG,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded, config shared log-settings config,1354,0x0,/FatherNode/KidNode/GrandsonNode1,/FatherNode/KidNode/GrandsonNode2"; JSONObject actual = parser.parse(CONFIG_61_noCustomFields.getBytes()).get(0); JSONObject expected = new JSONObject(); expected.put(BasicPaloAltoFirewallParser.PaloAltoDomain, "1"); expected.put(BasicPaloAltoFirewallParser.ReceiveTime, "2017/08/11 12:37:58"); expected.put(BasicPaloAltoFirewallParser.SerialNum, "008900008659"); expected.put(BasicPaloAltoFirewallParser.Type, "CONFIG"); expected.put(BasicPaloAltoFirewallParser.ThreatContentType, "0"); expected.put(BasicPaloAltoFirewallParser.ConfigVersion, "1"); expected.put(BasicPaloAltoFirewallParser.GenerateTime, "2017/08/11 11:37:58"); expected.put(BasicPaloAltoFirewallParser.HOST, "192.168.14.162"); expected.put(BasicPaloAltoFirewallParser.VirtualSystem, "vsys1"); expected.put(BasicPaloAltoFirewallParser.Command, "edit"); expected.put(BasicPaloAltoFirewallParser.Admin, "admin"); expected.put(BasicPaloAltoFirewallParser.Client, "Web"); expected.put(BasicPaloAltoFirewallParser.Result, "Succeeded"); expected.put(BasicPaloAltoFirewallParser.ConfigurationPath, "config shared log-settings config"); expected.put(BasicPaloAltoFirewallParser.Seqno, "1354"); expected.put(BasicPaloAltoFirewallParser.ActionFlags, "0x0"); expected.put(BasicPaloAltoFirewallParser.BeforeChangeDetail, "/FatherNode/KidNode/GrandsonNode1"); expected.put(BasicPaloAltoFirewallParser.AfterChangeDetail, "/FatherNode/KidNode/GrandsonNode2"); expected.put(BasicPaloAltoFirewallParser.ParserVersion, 61); expected.put("original_string", CONFIG_61_noCustomFields); expected.put("timestamp", actual.get("timestamp")); assertEquals(expected, actual); }
@SuppressWarnings({"rawtypes", "unused"}) @Test public void testParse() throws ParseException { for (String inputString : inputStrings) { byte[] srcBytes = inputString.getBytes(); JSONObject parsed = parser.parse(inputString.getBytes()).get(0); Assert.assertNotNull(parsed); JSONParser parser = new JSONParser(); Map json = (Map) parser.parse(parsed.toJSONString()); for (Object o : json.entrySet()) { Entry entry = (Entry) o; String key = (String) entry.getKey(); String value = json.get("original_string").toString(); Assert.assertNotNull(value); } } } }
@Test public void testParse() throws ParseException, IOException, ProcessingException { for (String inputString : inputStrings) { JSONObject parsed = parser.parse(inputString.getBytes()).get(0); Assert.assertNotNull(parsed); JSONParser parser = new JSONParser(); Map<?, ?> json = (Map<?, ?>) parser.parse(parsed.toJSONString()); Assert.assertTrue(validateJsonData(getSchemaJsonString(), json.toString())); } } }
@SuppressWarnings("unchecked") @Test public void testParseSystem61() throws ParseException { final String SYSTEM_61 = "1,2017/08/11 12:37:58,008900008659,SYSTEM,general,1,2017/08/11 11:37:58,vsys1,eventId_test,object_test,Futureuse1_test,futureuse2_test,management,high,Description_test,1354,0x0"; JSONObject actual = parser.parse(SYSTEM_61.getBytes()).get(0); JSONObject expected = new JSONObject(); expected.put(BasicPaloAltoFirewallParser.PaloAltoDomain, "1"); expected.put(BasicPaloAltoFirewallParser.ReceiveTime, "2017/08/11 12:37:58"); expected.put(BasicPaloAltoFirewallParser.SerialNum, "008900008659"); expected.put(BasicPaloAltoFirewallParser.Type, "SYSTEM"); expected.put(BasicPaloAltoFirewallParser.ThreatContentType, "general"); expected.put(BasicPaloAltoFirewallParser.ConfigVersion, "1"); expected.put(BasicPaloAltoFirewallParser.GenerateTime, "2017/08/11 11:37:58"); expected.put(BasicPaloAltoFirewallParser.VirtualSystem, "vsys1"); expected.put(BasicPaloAltoFirewallParser.EventId, "eventId_test"); expected.put(BasicPaloAltoFirewallParser.Object, "object_test"); expected.put(BasicPaloAltoFirewallParser.Module, "management"); expected.put(BasicPaloAltoFirewallParser.Severity, "high"); expected.put(BasicPaloAltoFirewallParser.Description, "Description_test"); expected.put(BasicPaloAltoFirewallParser.Seqno, "1354"); expected.put(BasicPaloAltoFirewallParser.ActionFlags, "0x0"); expected.put(BasicPaloAltoFirewallParser.ParserVersion, 61); expected.put("original_string", SYSTEM_61); expected.put("timestamp", actual.get("timestamp")); assertEquals(expected, actual); }
final String SYSTEM_80 = "1,2017/08/11 12:37:58,008900008659,SYSTEM,general,1,2017/08/11 11:37:58,vsys1,eventId_test,object_test,Futureuse1_test,futureuse2_test,management,high,Description_test,1354,0x0,12,34,45,0,virSys1,dev-something200-01"; JSONObject actual = parser.parse(SYSTEM_80.getBytes()).get(0);
@Test public void testParse() throws org.json.simple.parser.ParseException, IOException, ProcessingException { for (String inputString : inputStrings) { JSONObject parsed = parser.parse(inputString.getBytes()).get(0); Assert.assertNotNull(parsed); JSONParser parser = new JSONParser(); Map<?, ?> json = (Map<?, ?>) parser.parse(parsed.toJSONString()); Assert.assertTrue(validateJsonData(getSchemaJsonString(), json.toString())); } } }
final String CONFIG_70_80_noCustomFields = "1,2017/08/11 12:37:58,008900008659,CONFIG,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded, config shared log-settings config,1354,0x0,12,34,45,0,virSys1,dev-something200-01"; JSONObject actual = parser.parse(CONFIG_70_80_noCustomFields.getBytes()).get(0);
@SuppressWarnings({"rawtypes"}) @Test public void testParse() throws ParseException { for (String inputString : inputStrings) { JSONObject parsed = parser.parse(inputString.getBytes()).get(0); Assert.assertNotNull(parsed); JSONParser parser = new JSONParser(); Map json = (Map) parser.parse(parsed.toJSONString()); Assert.assertNotNull(json); Assert.assertFalse(json.isEmpty()); for (Object o : json.entrySet()) { Entry entry = (Entry) o; String key = (String) entry.getKey(); String value = json.get(key).toString(); Assert.assertNotNull(value); } } }
final String CONFIG_70_80_customFields = "1,2017/08/11 12:37:58,008900008659,CONFIG,0,1,2017/08/11 11:37:58,192.168.14.162,vsys1,edit,admin,Web,Succeeded,config shared log-settings config,/FatherNode/KidNode/GrandsonNode1,/FatherNode/KidNode/GrandsonNode2,1354,0x0,12,34,45,0,virSys1,dev-something200-01"; JSONObject actual = parser.parse(CONFIG_70_80_customFields.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseThreat60() throws ParseException { JSONObject actual = parser.parse(THREAT_60.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseTraffic60() throws ParseException { JSONObject actual = parser.parse(TRAFFIC_60.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseThreat71() throws ParseException { JSONObject actual = parser.parse(THREAT_71.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseTraffic71() throws ParseException { JSONObject actual = parser.parse(TRAFFIC_71.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseThreat70() throws ParseException { JSONObject actual = parser.parse(THREAT_70.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseTraffic70() throws ParseException { JSONObject actual = parser.parse(TRAFFIC_70.getBytes()).get(0);
@SuppressWarnings("unchecked") @Test public void testParseTraffic80() throws ParseException { JSONObject actual = parser.parse(TRAFFIC_80.getBytes()).get(0);