mentat.reports.test_event module

Unit test module for testing the mentat.reports.event module.

class mentat.reports.test_event.TestMentatReportsEvent(methodName='runTest')[source]

Bases: TestCase

Unit test class for testing the mentat.reports.event module.

ideas_obj = [Idea({'Format': 'IDEA0', 'ID': 'msg01', 'DetectTime': datetime.datetime(2018, 1, 1, 12, 0), 'Category': EventTag(['Fraud.Phishing']), 'Description': 'Synthetic example 01', 'Source': SourceList([SourceTargetDict({'IP4': Net4([IP4Range('192.168.0.2-192.168.0.5'), IP4Net('192.168.0.0/25'), IP4('10.0.0.1')]), 'IP6': Net6([IP6Net('2001:db8::ff00:42:0/112')]), 'Proto': ProtocolName(['ssh'])})]), 'Target': TargetList([SourceTargetDict({'IP4': Net4([IP4Net('10.2.2.0/24')]), 'IP6': Net6([IP6Net('2001:ffff::ff00:42:0/112')]), 'Proto': ProtocolName(['https'])})]), 'Node': NodeList([NodeDict({'Name': 'org.example.kippo_honey', 'SW': String(['Kippo'])})]), '_Mentat': MentatDict({'ResolvedAbuses': ResolvedAbusesList(['abuse@cesnet.cz']), 'EventClass': 'class01', 'EventSeverity': 'low'})}), Idea({'Format': 'IDEA0', 'ID': 'msg02', 'DetectTime': datetime.datetime(2018, 1, 1, 13, 0), 'Category': EventTag(['Recon.Scanning']), 'Description': 'Synthetic example 02', 'Source': SourceList([SourceTargetDict({'IP4': Net4([IP4Range('10.0.1.2-10.0.1.5'), IP4Net('10.0.0.0/25'), IP4Net('10.0.0.0/22'), IP4('10.0.2.1')]), 'IP6': Net6([IP6Net('2002:db8::ff00:42:0/112')])})]), 'Target': TargetList([SourceTargetDict({'IP4': Net4([IP4Net('11.2.2.0/24')]), 'IP6': Net6([IP6Net('2004:ffff::ff00:42:0/112')])})]), 'Node': NodeList([NodeDict({'Name': 'org.example.dionaea', 'SW': String(['Dionaea'])})]), 'Note': 'Test note containing ; CSV delimiter.', '_Mentat': MentatDict({'ResolvedAbuses': ResolvedAbusesList(['abuse@cesnet.cz']), 'EventClass': 'anomaly-traffic', 'EventSeverity': 'low'})})]
ideas_raw = [{'Format': 'IDEA0', 'ID': 'msg01', 'DetectTime': '2018-01-01T12:00:00Z', 'Category': ['Fraud.Phishing'], 'Description': 'Synthetic example 01', 'Source': [{'IP4': ['192.168.0.2-192.168.0.5', '192.168.0.0/25', '10.0.0.1'], 'IP6': ['2001:db8::ff00:42:0/112'], 'Proto': ['ssh']}], 'Target': [{'IP4': ['10.2.2.0/24'], 'IP6': ['2001:ffff::ff00:42:0/112'], 'Proto': ['https']}], 'Node': [{'Name': 'org.example.kippo_honey', 'SW': ['Kippo']}], '_Mentat': {'ResolvedAbuses': ['abuse@cesnet.cz'], 'EventClass': 'class01', 'EventSeverity': 'low'}}, {'Format': 'IDEA0', 'ID': 'msg02', 'DetectTime': '2018-01-01T13:00:00Z', 'Category': ['Recon.Scanning'], 'Description': 'Synthetic example 02', 'Source': [{'IP4': ['10.0.1.2-10.0.1.5', '10.0.0.0/25', '10.0.0.0/22', '10.0.2.1'], 'IP6': ['2002:db8::ff00:42:0/112']}], 'Target': [{'IP4': ['11.2.2.0/24'], 'IP6': ['2004:ffff::ff00:42:0/112']}], 'Node': [{'Name': 'org.example.dionaea', 'SW': ['Dionaea']}], 'Note': 'Test note containing ; CSV delimiter.', '_Mentat': {'ResolvedAbuses': ['abuse@cesnet.cz'], 'EventClass': 'anomaly-traffic', 'EventSeverity': 'low'}}]
setUp()[source]

Perform test case setup.

tearDown()[source]

Hook method for deconstructing the test fixture after testing it.

template_vars = {'admin_email': 'EMAIL2', 'contact_email': 'EMAIL1', 'default_event_class': 'default', 'report_access_url': 'https://URL/view='}
test_01_save_to_json_files()[source]

Test mentat.reports.event.EventReporter._save_to_json_files() function.

test_02_save_to_files()[source]

Test mentat.reports.event.EventReporter._save_to_files() function.

test_03_filter_events()[source]

Test mentat.reports.event.EventReporter.filter_events function.

test_04_fetch_severity_events()[source]

Test mentat.reports.event.EventReporter.fetch_severity_events function.

test_05_j2t_idea_path_valueset()[source]

Test mentat.reports.event.EventReporter.j2t_idea_path_valueset function.

test_06_render_report_summary()[source]

Test mentat.reports.event.EventReporter.render_report_summary function.

test_07_render_report_extra()[source]

Test mentat.reports.event.EventReporter.render_report_extra function.

test_08_filter_events_by_credibility()[source]

Test mentat.reports.event.EventReporter.filter_events_by_credibility function.

verbose = False