Package org.jwall.web.audit

Source Code of org.jwall.web.audit.RuleIDParseTest

/*
*  Copyright (C) 2007-2014 Christian Bockermann <chris@jwall.org>
*
*  This file is part of the  web-audit  library.
*
*  web-audit library is free software; you can redistribute it and/or modify
*  it under the terms of the GNU General Public License as published by
*  the Free Software Foundation; either version 3 of the License, or
*  (at your option) any later version.
*
*  The  web-audit  library is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
*  GNU General Public License for more details.
*
*  You should have received a copy of the GNU General Public License
*  along with this program.  If not, see <http://www.gnu.org/licenses/>.
*
*/
package org.jwall.web.audit;


import java.io.File;
import java.net.URL;

import junit.framework.Assert;

import org.junit.Before;
import org.junit.Test;
import org.jwall.web.audit.io.AuditEventReader;
import org.jwall.web.audit.io.ModSecurity2AuditReader;
import org.jwall.web.audit.rules.AuditEventRule;
import org.jwall.web.audit.rules.MockAction;
import org.jwall.web.audit.rules.operators.ConditionEQ;
import org.jwall.web.audit.test.ParserBugConsole8Test;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

public class RuleIDParseTest {
 
  static Logger log = LoggerFactory.getLogger( RuleIDParseTest.class );
  AuditEvent event;
 
  @Before
  public void setUp() throws Exception {
    URL url = ParserBugConsole8Test.class.getResource( "/CONSOLE-58-audit.log" );
        log.info( "Audit-ScriptEvent-Log: {}", url );
    AuditEventReader reader = new ModSecurity2AuditReader( url.openStream() );
    event = reader.readNext();
    Assert.assertNotNull( event );
  }

 
  @Test
  public void testRuleID() throws Exception {
    AuditEventRule rule = new AuditEventRule();
    rule.add( new ConditionEQ( "RULE_ID", "960015" ) );
    rule.add( new MockAction() );
    Assert.assertTrue( rule.matches( event, null ) );
  }
 
  @Test
  public void testRuleID2() throws Exception {
   
    File test = new File( "/Users/chris/audit/larry-bugs/rule-id-audit.log" );
    if( test.canRead() ){
      AuditEventReader reader = new ModSecurity2AuditReader( test );
      event = reader.readNext();
      log.info( "ScriptEvent is: {}", event.getEventId() );
      AuditEventRule rule = new AuditEventRule();
      rule.add( new ConditionEQ( "RULE_ID", "113" ) );
      rule.add( new MockAction() );
      Assert.assertTrue( rule.matches( event, null ) );
    }   
  }
}
TOP

Related Classes of org.jwall.web.audit.RuleIDParseTest

TOP
Copyright © 2018 www.massapi.com. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.