Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix 'tests_scan_results' tests in 4.2 #1567

Closed
7 tasks
damarisg opened this issue Jul 6, 2021 · 6 comments
Closed
7 tasks

Fix 'tests_scan_results' tests in 4.2 #1567

damarisg opened this issue Jul 6, 2021 · 6 comments
Assignees
@damarisg @pereyra-m @mdengra
Labels
feature/vuln-detector

Comments

@damarisg
Copy link
Member

damarisg commented Jul 6, 2021
edited

Issue information

Related issue
Closes #1531

When it comes to starting with the test fix, there is some information that can help you:

Module: Vulnerability Detector
Support Team:  "binary beasts"
Target: Manager   
OS: Linux

I add some information obtained while researched the logs that failed.

This issue contains differents tests that are related to the same error.

In this case, there are 4 cases because the method affected is the same and the error too. We believe that when solving one of the cases, the same fix could be applied to the other cases.

Case 1:

Type Description
Test Path test_scan_results/test_macos_inventory
Consistent yes
Test Execution 3/3 executions failed
Cases macos_scan_configuration-MAC0
macos_scan_configuration-MAC1
Cases Fails 2
Summary On test_macos_vulnerabilities_report when check_vulnerability_scan_event is called. it requires research to know if there is a problem with parser error or if we don't detect log.
Error message "Could not find the report which says that the package {package} is vulnerable with {cve}"

Case 2:

Type Description
Test Path test_scan_results/test_scan_different_cves
Consistent yes
Test Execution 3/3 executions failed
Cases Fails 9
Summary On test_vulnerabilities_report when check_vulnerability_scan_event is called. it requires research to know if there is a problem with parser error or if we don't detect log.
Error message "Could not find the report which says that the package {package} is vulnerable with {cve}"

Case 3:

Type Description
Test Path test_scan_results/test_scan_nvd_feed
Consistent yes
Test Execution 3/3 executions failed
Cases Fails 13
Summary On test_vulnerabilities_report when check_vulnerability_scan_event is called. it requires research to know if there is a problem with parser error or if we don't detect log.
Error message "Could not find the report which says that the package {package} is vulnerable with {cve}"

Case 4:

Type Description
Test Path test_scan_results/test_scan_providers_and_nvd_feed
Consistent yes
Test Execution 3/3 executions failed
Cases Fails 9
Summary On test_vulnerabilities_report when check_vulnerability_scan_event is called. it requires research to know if there is a problem with parser error or if we don't detect log.
Error message "Could not find the report which says that the package {package} is vulnerable with {cve}"

In order to finish this issue the following tasks should be fulfilled:

  • Research of fails.
  • Apply Fix
  • Full Green/ Full Yellow in test_scan_results/test_macos_inventory for 3 times.
  • Full Green/ Full Yellow in test_scan_results/test_scan_different_cves for 3 times.
  • Full Green/ Full Yellow in test_scan_results/test_scan_nvd_feed for 3 times.
  • Full Green/ Full Yellow in test_scan_results/test_scan_providers_and_nvd_feed for 3 times.
  • Documentation of any important change done for these tests or the used tools.
@damarisg damarisg mentioned this issue Jul 6, 2021
Closed
34 tasks
@damarisg damarisg changed the title Fix 'tests_scan_results` tests in 4.2 Fix tests_scan_results tests in 4.2 Jul 6, 2021
@damarisg damarisg changed the title Fix tests_scan_results tests in 4.2 Fix 'tests_scan_results' tests in 4.2 Jul 6, 2021
@pereyra-m pereyra-m self-assigned this Jul 14, 2021
@pereyra-m
Copy link
Member

These are the results for the different cases, all of them with sca, syscollector and rootcheck disabled

Case 1

Results for test_scan_results/test_macos_inventory.py

Test Executions Date By Status
test_macos_inventory_modules_off_1.log 2021-07-14 Matias 🟢
test_macos_inventory_modules_off_2.log 2021-07-14 Matias 🟢
test_macos_inventory_modules_off_3.log 2021-07-14 Matias 🟢

Case 2

Results for test_scan_results/test_scan_different_cves.py

Test Executions Date By Status
test_scan_different_cves_modules_off_1.log 2021-07-14 Matias 🟢
test_scan_different_cves_modules_off_2.log 2021-07-14 Matias 🟢
test_scan_different_cves_modules_off_3.log 2021-07-14 Matias 🟢

Case 3

Results for test_scan_results/test_scan_nvd_feed.py

Test Executions Date By Status
test_scan_nvd_feed_modules_off_1.log 2021-07-14 Matias 🟢
test_scan_nvd_feed_modules_off_2.log 2021-07-14 Matias 🟢
test_scan_nvd_feed_modules_off_3.log 2021-07-14 Matias 🟢

Case 4

Results for test_scan_results/test_scan_providers_and_nvd_feed.py

Test Executions Date By Status
test_scan_providers_and_nvd_feed_modules_off_1.log 2021-07-14 Matias 🟢
test_scan_providers_and_nvd_feed_modules_off_2.log 2021-07-14 Matias 🟢
test_scan_providers_and_nvd_feed_modules_off_3.log 2021-07-14 Matias 🟢

@damarisg
Copy link
Member Author

Results when disabling modules: sca, syscollector and rootcheck.

Case 1

Results for test_scan_results/test_macos_inventory.py

Test Executions Date By Status
Resul1.log 2021-07-15 Seyla 🟡
Resul2.log 2021-07-15 Seyla 🟢
Resul3.log 2021-07-15 Seyla 🟢

Case 2

Results for test_scan_results/test_scan_different_cves.py

Test Executions Date By Status
Resul1.log 2021-07-15 Seyla 🟢
Resul2.log 2021-07-15 Seyla 🟢
Resul3.log 2021-07-15 Seyla 🟢

Case 3

Results for test_scan_results/test_scan_nvd_feed.py

Test Executions Date By Status
ScanNVD.log 2021-07-15 Seyla 🟢
ScanNVD2.log 2021-07-15 Seyla 🟢
ScanNVD3.log 2021-07-15 Seyla 🟢

Case 4

Results for test_scan_results/test_scan_providers_and_nvd_feed.py

Test Executions Date By Status
ScanProvNVD1.log 2021-07-15 Seyla 🟢
ScanProvNVD2.log 2021-07-15 Seyla 🟢
ScanProvNVD3.log 2021-07-15 Seyla 🟢

@mdengra
Copy link
Contributor

mdengra commented Jul 15, 2021

2021-07-15

Test results with the modules sca, syscollector and rootcheck modules disabled in the ossec.conf:

Case 1

Test Executions Date By Status
test_macos_inventory_local_dm_r1.log 2021-07-15 Miguel 🟡
test_macos_inventory_local_dm_r2.log 2021-07-15 Miguel 🟡
test_macos_inventory_local_dm_r3.log 2021-07-15 Miguel 🟡

Case 2

Test Executions Date By Status
test_scan_different_cves_local_dm_r1.log 2021-07-15 Miguel 🟡
test_scan_different_cves_local_dm_r2.log 2021-07-15 Miguel 🟡
test_scan_different_cves_local_dm_r3.log 2021-07-15 Miguel 🟡

Case 3

Test Executions Date By Status
test_scan_nvd_feed_local_dm_r1.log 2021-07-15 Miguel 🟡
test_scan_nvd_feed_local_dm_r2.log 2021-07-15 Miguel 🟡
test_scan_nvd_feed_local_dm_r3.log 2021-07-15 Miguel 🟡

Case 4

Test Executions Date By Status
test_scan_providers_and_nvd_feed_local_dm_r1.log 2021-07-15 Miguel 🟡
test_scan_providers_and_nvd_feed_local_dm_r2.log 2021-07-15 Miguel 🟡
test_scan_providers_and_nvd_feed_local_dm_r3.log 2021-07-15 Miguel 🟡

This was referenced Jul 19, 2021
Merged
Closed
@damarisg
Copy link
Member Author

damarisg commented Jul 21, 2021
edited

This issue is closed by #1605

Test Results from 1531-full-yellow-vuln-det

Test Executions Tests Date By Status
YellowResultsScanMacosInventory.log test_scan_results/test_macos_inventory 2021-07-21 Seyla 🟢
YellowResultsScanMacosInventory2.log test_scan_results/test_macos_inventory 2021-07-21 Seyla 🟡
YellowResultsScanMacosInventory3.log test_scan_results/test_macos_inventory 2021-07-21 Seyla 🟡
YellowResultsScanDifferentCve.log test_scan_results/test_scan_different_cves 2021-07-21 Seyla 🟡
YellowResultsScanDifferentCve2.log test_scan_results/test_scan_different_cves 2021-07-21 Seyla 🟡
YellowResultsScanDifferentCve3.log test_scan_results/test_scan_different_cves 2021-07-21 Seyla 🟡
YellowResultsScanNVDFeed2.log test_scan_results/test_scan_nvd_feed 2021-07-21 Seyla 🟡
YellowResultsScanNVDFeed.log test_scan_results/test_scan_nvd_feed 2021-07-21 Seyla 🟡
YellowResultsScanNVDFeed4.log test_scan_results/test_scan_nvd_feed 2021-07-21 Seyla 🟢
YellowResultsScanProvidersAndNVDFeed.log test_scan_results/test_scan_providers_and_nvd_feed 2021-07-21 Seyla 🟡
YellowResultsScanProvidersAndNVDFeed2.log test_scan_results/test_scan_providers_and_nvd_feed 2021-07-21 Seyla 🟡
YellowResultsScanProvidersAndNVDFeed3.log test_scan_results/test_scan_providers_and_nvd_feed 2021-07-21 Seyla 🟡
Reference Status
🟡 Pass with Warnings
🟢 Pass without Warning

Note

This issue fails sometimes by the bug #1602

@mdengra
Copy link
Contributor

mdengra commented Jul 22, 2021
edited

2021-07-22

Used Wazuh-QA branch: 1531-full-yellow-vuln-det
Test results with the default settings in the ossec.conf:

Case 1

Test Executions Date By Status
test_macos_inventory_local_r1.log 2021-07-22 Miguel 🟡
test_macos_inventory_local_r2.log 2021-07-22 Miguel 🟡
test_macos_inventory_local_r3.log 2021-07-22 Miguel 🟡

Case 2

Test Executions Date By Status
test_scan_different_cves_local_r1.log 2021-07-22 Miguel 🟡
test_scan_different_cves_local_r2.log 2021-07-22 Miguel 🟡
test_scan_different_cves_local_r3.log 2021-07-22 Miguel 🟡

Case 3

Test Executions Date By Status
test_scan_nvd_feed_local_r1.log 2021-07-22 Miguel 🟡
test_scan_nvd_feed_local_r2.log 2021-07-22 Miguel 🟡
test_scan_nvd_feed_local_r3.log 2021-07-22 Miguel 🟡

Case 4

Test Executions Date By Status
test_scan_providers_and_nvd_feed_local_r1.log 2021-07-22 Miguel 🟡
test_scan_providers_and_nvd_feed_local_r2.log 2021-07-22 Miguel 🟡
test_scan_providers_and_nvd_feed_local_r3.log 2021-07-22 Miguel 🟡

@damarisg
Copy link
Member Author

This issue is closed because the test was disabled by #1602.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@damarisg damarisg

@pereyra-m pereyra-m

@mdengra mdengra

Labels
feature/vuln-detector
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@damarisg @pereyra-m @mdengra