mentat.reports.test_event module

Unit test module for testing the mentat.reports.event module.

class mentat.reports.test_event.TestMentatReportsEvent(methodName='runTest')[source]

Bases: unittest.case.TestCase

Unit test class for testing the mentat.reports.event module.

ideas_obj = [Idea({'Description': 'Synthetic example 01', 'ID': 'msg01', '_CESNET': CESNETDict({'ResolvedAbuses': ResolvedAbusesList(['abuse@cesnet.cz']), 'EventSeverity': 'low', 'EventClass': 'class01'}), 'Format': 'IDEA0', 'DetectTime': datetime.datetime(2018, 1, 1, 12, 0), 'Target': TargetList([SourceTargetDict({'Proto': ProtocolName(['https']), 'IP6': Net6([IP6Net('2001:ffff::ff00:42:0/112')]), 'IP4': Net4([IP4Net('10.2.2.0/24')])})]), 'Source': SourceList([SourceTargetDict({'Proto': ProtocolName(['ssh']), 'IP6': Net6([IP6Net('2001:db8::ff00:42:0/112')]), 'IP4': Net4([IP4Range('192.168.0.2-192.168.0.5'), IP4Net('192.168.0.0/25'), IP4('10.0.0.1')])})]), 'Category': EventTag(['Fraud.Phishing']), 'Node': NodeList([NodeDict({'Name': 'org.example.kippo_honey', 'SW': String(['Kippo'])})])}), Idea({'Description': 'Synthetic example 02', 'ID': 'msg02', 'Note': 'Test note containing ; CSV delimiter.', '_CESNET': CESNETDict({'ResolvedAbuses': ResolvedAbusesList(['abuse@cesnet.cz']), 'EventSeverity': 'low', 'EventClass': 'anomaly-traffic'}), 'Format': 'IDEA0', 'DetectTime': datetime.datetime(2018, 1, 1, 13, 0), 'Target': TargetList([SourceTargetDict({'IP6': Net6([IP6Net('2004:ffff::ff00:42:0/112')]), 'IP4': Net4([IP4Net('11.2.2.0/24')])})]), 'Source': SourceList([SourceTargetDict({'IP6': Net6([IP6Net('2002:db8::ff00:42:0/112')]), 'IP4': Net4([IP4Range('192.168.1.2-192.168.1.5'), IP4Net('192.169.0.0/25'), IP4('10.0.0.1')])})]), 'Category': EventTag(['Recon.Scanning']), 'Node': NodeList([NodeDict({'Name': 'org.example.dionaea', 'SW': String(['Dionaea'])})])})]
ideas_raw = [{'Description': 'Synthetic example 01', 'ID': 'msg01', '_CESNET': {'ResolvedAbuses': ['abuse@cesnet.cz'], 'EventSeverity': 'low', 'EventClass': 'class01'}, 'Format': 'IDEA0', 'DetectTime': '2018-01-01T12:00:00Z', 'Target': [{'Proto': ['https'], 'IP6': ['2001:ffff::ff00:42:0/112'], 'IP4': ['10.2.2.0/24']}], 'Source': [{'Proto': ['ssh'], 'IP6': ['2001:db8::ff00:42:0/112'], 'IP4': ['192.168.0.2-192.168.0.5', '192.168.0.0/25', '10.0.0.1']}], 'Category': ['Fraud.Phishing'], 'Node': [{'Name': 'org.example.kippo_honey', 'SW': ['Kippo']}]}, {'Description': 'Synthetic example 02', 'ID': 'msg02', 'Note': 'Test note containing ; CSV delimiter.', '_CESNET': {'ResolvedAbuses': ['abuse@cesnet.cz'], 'EventSeverity': 'low', 'EventClass': 'anomaly-traffic'}, 'Format': 'IDEA0', 'DetectTime': '2018-01-01T13:00:00Z', 'Target': [{'IP6': ['2004:ffff::ff00:42:0/112'], 'IP4': ['11.2.2.0/24']}], 'Source': [{'IP6': ['2002:db8::ff00:42:0/112'], 'IP4': ['192.168.1.2-192.168.1.5', '192.169.0.0/25', '10.0.0.1']}], 'Category': ['Recon.Scanning'], 'Node': [{'Name': 'org.example.dionaea', 'SW': ['Dionaea']}]}]
setUp()[source]

Perform test case setup.

tearDown()[source]

Hook method for deconstructing the test fixture after testing it.

test_01_csv_dict()[source]

Test mentat.reports.event.csv_dict() function.

test_02_save_to_json_files()[source]

Test mentat.reports.event.EventReporter._save_to_json_files() function.

test_03_save_to_csv_files()[source]

Test mentat.reports.event.EventReporter._save_to_csv_files() function.

test_04_save_to_files()[source]

Test mentat.reports.event.EventReporter._save_to_files() function.

test_05_aggr_events_by_source()[source]

Test mentat.reports.event.EventReporter.aggregate_events_by_source() function.

test_06_aggr_events_for_summary()[source]

Test mentat.reports.event.EventReporter.aggregate_events_for_summary() function.

test_07_aggr_events_for_extra()[source]

Test mentat.reports.event.EventReporter.aggregate_events_for_extra() function.

test_08_filter_events()[source]

Test mentat.reports.event.EventReporter.filter_events function.

test_09_fetch_severity_events()[source]

Test mentat.reports.event.EventReporter.fetch_severity_events function.

test_10_j2t_idea_path_valueset()[source]

Test mentat.reports.event.EventReporter.j2t_idea_path_valueset function.

test_11_render_report_summary()[source]

Test mentat.reports.event.EventReporter.render_report_summary function.

test_12_render_report_extra()[source]

Test mentat.reports.event.EventReporter.render_report_extra function.

verbose = True