crowdsec/test/bats/50_simulation.bats

71 lines
2.1 KiB
Bash

#!/usr/bin/env bats
# vim: ft=bats:list:ts=8:sts=4:sw=4:et:ai:si:
set -u
fake_log() {
for _ in $(seq 1 10); do
echo "$(LC_ALL=C date '+%b %d %H:%M:%S ')"'sd-126005 sshd[12422]: Invalid user netflix from 1.1.1.174 port 35424'
done
}
setup_file() {
load "../lib/setup_file.sh"
./instance-data load
cscli collections install crowdsecurity/sshd --error
cscli parsers install crowdsecurity/syslog-logs --error
cscli parsers install crowdsecurity/dateparse-enrich --error
./instance-crowdsec start
}
teardown_file() {
load "../lib/teardown_file.sh"
}
setup() {
load "../lib/setup.sh"
cscli decisions delete --all
}
#----------
@test "we have one decision" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq '. | length' <(output)
assert_output 1
}
@test "1.1.1.174 has been banned (exact)" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq -r '.[].decisions[0].value' <(output)
assert_output '1.1.1.174'
}
@test "decision has simulated == false (exact)" {
rune -0 cscli simulation disable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list -o json
rune -0 jq '.[].decisions[0].simulated' <(output)
assert_output 'false'
}
@test "simulated scenario, listing non-simulated: expect no decision" {
rune -0 cscli simulation enable crowdsecurity/ssh-bf
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list --no-simu -o json
assert_json '[]'
}
@test "global simulation, listing non-simulated: expect no decision" {
rune -0 cscli simulation disable crowdsecurity/ssh-bf
rune -0 cscli simulation enable --global
fake_log | "${CROWDSEC}" -dsn file:///dev/fd/0 -type syslog -no-api
rune -0 cscli decisions list --no-simu -o json
assert_json '[]'
}