Commit 3958306236de2e3c11e6ce05173a24af232fa355

Authored by George Vlahavas
1 parent 4bc5b88f0a

Add MLTD integration test for XLSIEM

Showing 4 changed files with 67 additions and 4 deletions

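--- a/kea_integration.groovy
+++ b/kea_integration.groovy
@@ -33,13 +33,41 @@
 String token = sh(label: "get_keycloak_token", script: "curl -s -X POST $KEYCLOAK_URL -H 'Content-Type: application/x-www-form-urlencoded' -d 'username=$USER' -d 'password=$PASSWORD' -d 'grant_type=password' -d 'client_id=$CLIENT_ID' | sed 's/.*access_token\":\"//g' | sed 's/\".*//g'", returnStdout: true)
 
 String testName = "KEA_TIE_I001"
- String url = "$APP_URL/api/v1/od/start"
+
+ // MLTD
+ String url = "$APP_URL/api/v1/mltd/start"
 String responseCode = sh(label: testName, script: "curl -m 10 -sL -w '%{http_code}' -H 'Authorization: Bearer $token' -H 'Accept: application/json, text/plain, */*' $url", returnStdout: true)
 echo responseCode
 if (!responseCode.endsWith('200')) {
 error("$testName: Returned status code = $responseCode when calling $url")
 }
- String processId = responseCode.split(",")[1].split(":")[1].split('"')[1];
+ String processId = responseCode.split(",")[1].split(":")[1];
+ url = "$APP_URL/api/v1/xlsiem"
+ responseCode = sh(label: testName, script: "curl -m 10 -sL -w '%{http_code}' -H 'Authorization: Bearer $token' -F file=@pcap-data/mltd1-unix.json $url -o /dev/null", returnStdout: true)
+ echo responseCode
+ if (responseCode != '200') {
+ error("$testName: Returned status code = $responseCode when calling $url")
+ }
+ responseCode = sh(label: testName, script: "curl -m 10 -sL -w '%{http_code}' -H 'Authorization: Bearer $token' -F file=@pcap-data/mltd2-unix.json $url -o /dev/null", returnStdout: true)
+ echo responseCode
+ if (responseCode != '200') {
+ error("$testName: Returned status code = $responseCode when calling $url")
+ }
+ url = "$APP_URL/api/v1/mltd/stop/$processId"
+ responseCode = sh(label: testName, script: "curl -m 10 -sLI -w '%{http_code}' -H 'Authorization: Bearer $token' -H 'Accept: application/json, text/plain, */*' $url -o /dev/null", returnStdout: true)
+ echo responseCode
+ if (responseCode != '200') {
+ error("$testName: Returned status code = $responseCode when calling $url")
+ }
+
+ // OD
+ url = "$APP_URL/api/v1/od/start"
+ responseCode = sh(label: testName, script: "curl -m 10 -sL -w '%{http_code}' -H 'Authorization: Bearer $token' -H 'Accept: application/json, text/plain, */*' $url", returnStdout: true)
+ echo responseCode
+ if (!responseCode.endsWith('200')) {
+ error("$testName: Returned status code = $responseCode when calling $url")
+ }
+ processId = responseCode.split(",")[1].split(":")[1].split('"')[1];
 url = "$APP_URL/api/v1/od/analyze/$processId"
 responseCode = sh(label: testName, script: "curl -m 10 -sL -w '%{http_code}' -H 'Authorization: Bearer $token' -F file=@pcap-data/big.pcap $url -o /dev/null", returnStdout: true)
 echo responseCode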
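Review bot: The `processId` parsed at new line 44 with `responseCode.split(",")[1].split(":")[1]` is taken straight from the HTTP response body (which also has the `-w` status code appended) and is then expanded unquoted into the `sh` script through `$url` at new lines 56-57; the OD path at new lines 70-72 follows the same pattern. A response that does not have the expected shape would either throw on the array index or place unchecked characters on the agent's shell command line, so I would validate the value before use, e.g. `if (!(processId ==~ /[A-Za-z0-9_-]+/)) { error("$testName: unexpected process id") }`, and write `'$url'` in the curl calls. Separately, the bearer token is expanded by Groovy into every new `script:` string, so it presumably ends up in the build log and the process arguments; handing it to the shell through an environment variable and a single-quoted script would avoid that. The enclosing stage starts and ends outside the hunk.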
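--- a/pcap-data/README.md
+++ b/pcap-data/README.md
@@ -1,4 +1,5 @@
-# PCAP data
+# PCAP and JSON data files
 
 These are some PCAP files with network traffic that can be used to test
-KEA functionality.
+KEA functionality, along with JSON files for submitting to the different
+modules of KEA for testing.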
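--- a/pcap-data/mltd1-unix.json
+++ b/pcap-data/mltd1-unix.json
@@ -0,0 +1,17 @@
+{
+ "asset_id": "server",
+ "timestamp": "1622215320",
+ "event_alarm": [
+ {
+ "event_alarm_id": "danger",
+ "event_alarm_char": "danger",
+ "name": "danger",
+ "source_ip": "192.168.1.1",
+ "source_port": 1234,
+ "destination_ip": "192.168.1.50",
+ "destination_port": 1231,
+ "priority": 0,
+ "confidence": 0
+ }
+ ]
+}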
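--- a/pcap-data/mltd2-unix.json
+++ b/pcap-data/mltd2-unix.json
@@ -0,0 +1,17 @@
+{
+ "asset_id": "server",
+ "timestamp": "1622215320",
+ "event_alarm": [
+ {
+ "event_alarm_id": "danger",
+ "event_alarm_char": "danger",
+ "name": "danger",
+ "source_ip": "192.168.1.1",
+ "source_port": 1234,
+ "destination_ip": "192.168.1.50",
+ "destination_port": 1231,
+ "priority": 0,
+ "confidence": 0
+ }
+ ]
+}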
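Review bot: As rendered, this fixture is field-for-field identical to `pcap-data/mltd1-unix.json`, including the `timestamp` value `"1622215320"`, so the second upload in `kea_integration.groovy` exercises nothing the first does not. If the MLTD test is meant to feed two distinct events, at least one field should differ, for example a later `timestamp` or another `source_ip`; if a repeated event is the intent, reusing one file would make that explicit. The README line added in this commit could also say what each JSON fixture is meant to represent.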