(plugin) cloud::aws::cloudtrail - new (#4449)
* plugin aws cloudtrail * update * update + add tests * update workflow * fix * update
This commit is contained in:
parent
aaa667e087
commit
9f31f702ab
|
@ -0,0 +1,61 @@
|
|||
name: Run mock API server
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- MON-**
|
||||
|
||||
jobs:
|
||||
test:
|
||||
runs-on: ubuntu-latest
|
||||
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Use Node.js
|
||||
uses: actions/setup-node@v2
|
||||
with:
|
||||
node-version: "14.x"
|
||||
- name: Install Mockoon CLI
|
||||
run: npm install -D @mockoon/cli
|
||||
- name: Install perl dependencies
|
||||
uses: perl-actions/install-with-cpm@stable
|
||||
with:
|
||||
install: |
|
||||
DateTime
|
||||
Digest::MD5
|
||||
Encode
|
||||
HTTP::ProxyPAC
|
||||
IO::Socket::SSL
|
||||
JSON::XS
|
||||
LWP::Protocol::https
|
||||
LWP::UserAgent
|
||||
MIME::Base64
|
||||
Paws
|
||||
POSIX
|
||||
Storable
|
||||
URI
|
||||
URI::Encode
|
||||
- name: Run Mockoon CLI
|
||||
run: npx mockoon-cli start --data tests/resources/mockoon/cloud-aws-cloudtrail.json --port 3000
|
||||
- name: Run plugin
|
||||
run: |
|
||||
sudo chmod -R +x tests/functional/
|
||||
sudo mkdir -p /var/lib/centreon/centplugins/
|
||||
sudo chmod 777 /var/lib/centreon/centplugins/
|
||||
TESTS="$(tests/functional/cloud/aws/cloudtrail/checktrailstatus.sh)"
|
||||
echo "tests=$(echo $TESTS)" >> $GITHUB_OUTPUT
|
||||
if [[ $TESTS = "OK:"* ]]; then
|
||||
echo "OK"
|
||||
else
|
||||
echo $TESTS
|
||||
exit 1
|
||||
fi
|
||||
TESTS="$(tests/functional/cloud/aws/cloudtrail/countevents.sh)"
|
||||
echo "tests=$(echo $TESTS)" >> $GITHUB_OUTPUT
|
||||
if [[ $TESTS = "OK:"* ]]; then
|
||||
echo "OK"
|
||||
else
|
||||
echo $TESTS
|
||||
exit 1
|
||||
fi
|
||||
shell: bash
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
"dependencies": [
|
||||
"libdatetime-perl"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,10 @@
|
|||
{
|
||||
"pkg_name": "centreon-plugin-Cloud-Aws-Cloudtrail-Api",
|
||||
"pkg_summary": "Centreon Plugin to monitor Amazon AWS using Cloudtrail API",
|
||||
"plugin_name": "centreon_aws_cloudtrail_api.pl",
|
||||
"files": [
|
||||
"centreon/plugins/script_custom.pm",
|
||||
"cloud/aws/custom/",
|
||||
"cloud/aws/cloudtrail/"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,5 @@
|
|||
{
|
||||
"dependencies": [
|
||||
"perl(DateTime)"
|
||||
]
|
||||
}
|
|
@ -0,0 +1,84 @@
|
|||
#
|
||||
# Copyright 2023 Centreon (http://www.centreon.com/)
|
||||
#
|
||||
# Centreon is a full-fledged industry-strength solution that meets
|
||||
# the needs in IT infrastructure and application monitoring for
|
||||
# service performance.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
package cloud::aws::cloudtrail::mode::checktrailstatus;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use base qw(centreon::plugins::mode);
|
||||
|
||||
sub new {
|
||||
my ($class, %options) = @_;
|
||||
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
|
||||
bless $self, $class;
|
||||
|
||||
$options{options}->add_options(arguments => {
|
||||
'trail-name:s' => { name => 'trail_name' }
|
||||
});
|
||||
|
||||
return $self;
|
||||
}
|
||||
|
||||
sub check_options {
|
||||
my ($self, %options) = @_;
|
||||
$self->SUPER::init(%options);
|
||||
|
||||
if (!length($self->{option_results}->{trail_name})) {
|
||||
$self->{output}->add_option_msg(short_msg => "Need to specify --trail-name option.");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
}
|
||||
|
||||
sub run {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
my $status = $options{custom}->cloudtrail_trail_status(
|
||||
trail_name => $self->{option_results}->{trail_name}
|
||||
);
|
||||
|
||||
$self->{output}->output_add(severity => $status->{IsLogging} ? "ok" : "critical",
|
||||
short_msg => sprintf("Trail is logging: %s", $status->{IsLogging}));
|
||||
$self->{output}->perfdata_add(label => "trail_is_logging", unit => '',
|
||||
value => sprintf("%s", $status->{IsLogging} ),
|
||||
critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'),
|
||||
min => 0
|
||||
);
|
||||
|
||||
$self->{output}->display();
|
||||
$self->{output}->exit();
|
||||
}
|
||||
|
||||
|
||||
1;
|
||||
|
||||
=head1 MODE
|
||||
|
||||
Check cloudtrail trail status.
|
||||
|
||||
=over 8
|
||||
|
||||
=item B<--trail-name>
|
||||
|
||||
Filter by trail name.
|
||||
|
||||
=back
|
||||
|
||||
=cut
|
|
@ -0,0 +1,126 @@
|
|||
#
|
||||
# Copyright 2023 Centreon (http://www.centreon.com/)
|
||||
#
|
||||
# Centreon is a full-fledged industry-strength solution that meets
|
||||
# the needs in IT infrastructure and application monitoring for
|
||||
# service performance.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
package cloud::aws::cloudtrail::mode::countevents;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
|
||||
use base qw(centreon::plugins::mode);
|
||||
|
||||
sub new {
|
||||
my ($class, %options) = @_;
|
||||
my $self = $class->SUPER::new(package => __PACKAGE__, %options);
|
||||
bless $self, $class;
|
||||
|
||||
$options{options}->add_options(arguments => {
|
||||
'event-type:s' => { name => 'event_type' },
|
||||
'error-message:s' => { name => 'error_message' },
|
||||
'delta:s' => { name => 'delta' },
|
||||
'warning-count:s' => { name => 'warning_count' },
|
||||
'critical-count:s' => { name => 'critical_count' }
|
||||
});
|
||||
|
||||
return $self;
|
||||
}
|
||||
|
||||
sub check_options {
|
||||
my ($self, %options) = @_;
|
||||
$self->SUPER::init(%options);
|
||||
|
||||
if (($self->{perfdata}->threshold_validate(label => 'warning-count', value => $self->{option_results}->{warning_count})) == 0) {
|
||||
$self->{output}->add_option_msg(short_msg => "Wrong warning-count threshold '" . $self->{option_results}->{warning_count} . "'.");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
if (($self->{perfdata}->threshold_validate(label => 'critical-count', value => $self->{option_results}->{critical_count})) == 0) {
|
||||
$self->{output}->add_option_msg(short_msg => "Wrong critical-count threshold '" . $self->{option_results}->{critical_count} . "'.");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
}
|
||||
|
||||
sub run {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
$self->{events} = $options{custom}->cloudtrail_events(
|
||||
event_type => $self->{option_results}->{event_type},
|
||||
error_message => $self->{option_results}->{error_message},
|
||||
delta => $self->{option_results}->{delta}
|
||||
);
|
||||
|
||||
my $count;
|
||||
if (length($self->{option_results}->{event_type}) || length($self->{option_results}->{error_message})) {
|
||||
$count = 0;
|
||||
foreach my $event (@{$self->{events}}) {
|
||||
if ((defined($self->{option_results}->{event_type}) && length($self->{option_results}->{event_type}) && ($event->{eventType} eq $self->{option_results}->{event_type}))
|
||||
|| (defined($self->{option_results}->{error_message}) && length($self->{option_results}->{error_message}) && ($event->{errorMessage} =~ $self->{option_results}->{error_message}))) {
|
||||
$count++;
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$count = scalar @{$self->{events}};
|
||||
}
|
||||
|
||||
my $exit = $self->{perfdata}->threshold_check(value => $count, threshold => [ { label => 'critical-count', exit_litteral => 'critical' }, { label => 'warning-count', exit_litteral => 'warning' } ]);
|
||||
$self->{output}->output_add(severity => $exit,
|
||||
short_msg => sprintf("Number of events: %.2f", $count));
|
||||
$self->{output}->perfdata_add(label => "events_count", unit => '',
|
||||
value => sprintf("%.2f", $count),
|
||||
warning => $self->{perfdata}->get_perfdata_for_output(label => 'warning'),
|
||||
critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'),
|
||||
min => 0
|
||||
);
|
||||
|
||||
$self->{output}->display();
|
||||
$self->{output}->exit();
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
||||
=head1 MODE
|
||||
|
||||
Check cloudtrail events.
|
||||
|
||||
=over 8
|
||||
|
||||
=item B<--event-type>
|
||||
|
||||
Filter by event type.
|
||||
|
||||
=item B<--error-message>
|
||||
|
||||
Filter on an error message pattern
|
||||
|
||||
=item B<--delta>
|
||||
|
||||
Time depth for search (minutes).
|
||||
|
||||
=item B<--warning-count>
|
||||
|
||||
Set warning threshold for the number of events.
|
||||
|
||||
=item B<--critical-count>
|
||||
|
||||
Set critical threshold for the number of events.
|
||||
|
||||
=back
|
||||
|
||||
=cut
|
|
@ -0,0 +1,51 @@
|
|||
#
|
||||
# Copyright 2023 Centreon (http://www.centreon.com/)
|
||||
#
|
||||
# Centreon is a full-fledged industry-strength solution that meets
|
||||
# the needs in IT infrastructure and application monitoring for
|
||||
# service performance.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License");
|
||||
# you may not use this file except in compliance with the License.
|
||||
# You may obtain a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
# See the License for the specific language governing permissions and
|
||||
# limitations under the License.
|
||||
#
|
||||
|
||||
package cloud::aws::cloudtrail::plugin;
|
||||
|
||||
use strict;
|
||||
use warnings;
|
||||
use base qw(centreon::plugins::script_custom);
|
||||
|
||||
sub new {
|
||||
my ( $class, %options ) = @_;
|
||||
my $self = $class->SUPER::new( package => __PACKAGE__, %options );
|
||||
bless $self, $class;
|
||||
|
||||
$self->{version} = '0.1';
|
||||
%{ $self->{modes} } = (
|
||||
'checktrailstatus' => 'cloud::aws::cloudtrail::mode::checktrailstatus',
|
||||
'countevents' => 'cloud::aws::cloudtrail::mode::countevents'
|
||||
);
|
||||
|
||||
$self->{custom_modes}{paws} = 'cloud::aws::custom::paws';
|
||||
$self->{custom_modes}{awscli} = 'cloud::aws::custom::awscli';
|
||||
return $self;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
||||
=head1 PLUGIN DESCRIPTION
|
||||
|
||||
Check Amazon CloudTrail.
|
||||
|
||||
=cut
|
|
@ -976,6 +976,80 @@ sub directconnect_describe_virtual_interfaces {
|
|||
return $results;
|
||||
}
|
||||
|
||||
sub cloudtrail_events_set_cmd {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
return if (defined($self->{option_results}->{command_options}) && $self->{option_results}->{command_options} ne '');
|
||||
|
||||
my $cmd_options = "lookup-events --region $self->{option_results}->{region} --output json";
|
||||
if (defined($options{delta})) {
|
||||
my $endtime = time();
|
||||
my $starttime = $endtime - ($options{delta} * 60);
|
||||
$cmd_options .= " --start-time $starttime";
|
||||
$cmd_options .= " --end-time $endtime";
|
||||
}
|
||||
$cmd_options .= " --starting-token $options{next_token}" if (length($options{next_token}));
|
||||
$cmd_options .= " --endpoint-url $self->{endpoint_url}" if (length($self->{endpoint_url}));
|
||||
$cmd_options .= " --no-verify-ssl 2>/dev/null" if (length($self->{option_results}->{skip_ssl_check}));
|
||||
|
||||
return $cmd_options;
|
||||
}
|
||||
|
||||
sub cloudtrail_events {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
my $cmd_options = $self->cloudtrail_events_set_cmd(%options);
|
||||
|
||||
my $events_results = [];
|
||||
eval {
|
||||
while (my $list_events = $self->execute(cmd_options => $cmd_options)) {
|
||||
foreach (@{$list_events->{Events}}) {
|
||||
my $event = JSON::XS->new->utf8->decode($_->{CloudTrailEvent});
|
||||
push @{$events_results}, {
|
||||
eventID => $event->{eventID},
|
||||
eventType => $event->{eventType},
|
||||
errorMessage => $event->{errorMessage}
|
||||
};
|
||||
}
|
||||
|
||||
last if (!defined($list_events->{NextToken}));
|
||||
$options{next_token} = $list_events->{NextToken};
|
||||
}
|
||||
};
|
||||
|
||||
return $events_results;
|
||||
}
|
||||
|
||||
sub cloudtrail_trail_status_set_cmd {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
return if (defined($self->{option_results}->{command_options}) && $self->{option_results}->{command_options} ne '');
|
||||
|
||||
my $cmd_options = "get-trail-status --region $self->{option_results}->{region} --output json";
|
||||
$cmd_options .= " --name $options{trail_name}";
|
||||
$cmd_options .= " --endpoint-url $self->{endpoint_url}" if (length($self->{endpoint_url}));
|
||||
$cmd_options .= " --no-verify-ssl 2>/dev/null" if (length($self->{option_results}->{skip_ssl_check}));
|
||||
|
||||
return $cmd_options;
|
||||
}
|
||||
|
||||
sub cloudtrail_trail_status {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
my $cmd_options = $self->cloudtrail_trail_status_set_cmd(%options);
|
||||
|
||||
my $trail_status;
|
||||
eval {
|
||||
$trail_status = $self->execute(cmd_options => $cmd_options);
|
||||
};
|
||||
if ($@) {
|
||||
$self->{output}->add_option_msg(short_msg => "error: $@");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
|
||||
return $trail_status;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -50,7 +50,8 @@ sub new {
|
|||
'period:s' => { name => 'period' },
|
||||
'statistic:s@' => { name => 'statistic' },
|
||||
'zeroed' => { name => 'zeroed' },
|
||||
'proxyurl:s' => { name => 'proxyurl' }
|
||||
'proxyurl:s' => { name => 'proxyurl' },
|
||||
'endpoint:s' => { name => 'endpoint' }
|
||||
});
|
||||
}
|
||||
$options{options}->add_help(package => __PACKAGE__, sections => 'PAWS OPTIONS', once => 1);
|
||||
|
@ -839,6 +840,68 @@ sub directconnect_describe_virtual_interfaces {
|
|||
return $results;
|
||||
}
|
||||
|
||||
sub cloudtrail_events {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
my $events_results = [];
|
||||
eval {
|
||||
my $ct;
|
||||
if (defined($self->{option_results}->{endpoint}) && length $self->{option_results}->{endpoint}) {
|
||||
$ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region} , endpoint => $self->{option_results}->{endpoint});
|
||||
} else {
|
||||
$ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region});
|
||||
}
|
||||
my %ct_options = ();
|
||||
if (defined($options{delta})) {
|
||||
$ct_options{EndTime} = time();
|
||||
$ct_options{StartTime} = $ct_options{EndTime} - ($options{delta} * 60);
|
||||
}
|
||||
|
||||
while (my $list_events = $ct->LookupEvents(%ct_options)) {
|
||||
foreach (@{$list_events->{Events}}) {
|
||||
my $event = JSON::XS->new->utf8->decode($_->{CloudTrailEvent});
|
||||
push @{$events_results}, {
|
||||
eventID => $event->{eventID},
|
||||
eventType => $event->{eventType},
|
||||
errorMessage => $event->{errorMessage}
|
||||
};
|
||||
}
|
||||
|
||||
last if (!defined($list_events->{NextToken}));
|
||||
$ct_options{NextToken} = $list_events->{NextToken};
|
||||
}
|
||||
};
|
||||
if ($@) {
|
||||
$self->{output}->add_option_msg(short_msg => "error: $@");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
|
||||
return $events_results;
|
||||
}
|
||||
|
||||
sub cloudtrail_trail_status {
|
||||
my ($self, %options) = @_;
|
||||
|
||||
my $trail_status;
|
||||
eval {
|
||||
my $ct;
|
||||
if (defined($self->{option_results}->{endpoint}) && length $self->{option_results}->{endpoint}) {
|
||||
$ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region} , endpoint => $self->{option_results}->{endpoint});
|
||||
} else {
|
||||
$ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region});
|
||||
}
|
||||
my %ct_options = ();
|
||||
$ct_options{Name} = $options{trail_name};
|
||||
$trail_status = $ct->GetTrailStatus(%ct_options);
|
||||
};
|
||||
if ($@) {
|
||||
$self->{output}->add_option_msg(short_msg => "error: $@");
|
||||
$self->{output}->option_exit();
|
||||
}
|
||||
|
||||
return $trail_status;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
__END__
|
||||
|
|
|
@ -0,0 +1,34 @@
|
|||
#!/bin/bash
|
||||
|
||||
current_dir="$( cd "$(dirname "$0")/../../../../.." >/dev/null 2>&1 || exit ; pwd -P )"
|
||||
cmd="perl $current_dir/src/centreon_plugins.pl --plugin=cloud::aws::cloudtrail::plugin --custommode=paws --region=eu-west --aws-secret-key=secret --aws-access-key=key"
|
||||
|
||||
nb_tests=0
|
||||
nb_tests_ok=0
|
||||
|
||||
test_status_ok=$($cmd --mode=checktrailstatus --endpoint=http://localhost:3000/cloudtrail/gettrailstatus/true --trail-name=TrailName)
|
||||
((nb_tests++))
|
||||
if [[ $test_status_ok = "OK: Trail is logging: 1 | 'trail_is_logging'=1;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_status_ok ko"
|
||||
echo $test_status_ok
|
||||
fi
|
||||
|
||||
test_status_critical=$($cmd --mode=checktrailstatus --endpoint=http://localhost:3000/cloudtrail/gettrailstatus/false --trail-name=TrailName)
|
||||
((nb_tests++))
|
||||
if [[ $test_status_critical = "CRITICAL: Trail is logging: 0 | 'trail_is_logging'=0;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_status_critical ko"
|
||||
echo $test_status_critical
|
||||
fi
|
||||
|
||||
if [[ $nb_tests_ok = $nb_tests ]]
|
||||
then
|
||||
echo "OK: "$nb_tests_ok"/"$nb_tests" tests OK"
|
||||
else
|
||||
echo "NOK: "$nb_tests_ok"/"$nb_tests" tests OK"
|
||||
fi
|
|
@ -0,0 +1,106 @@
|
|||
#!/bin/bash
|
||||
|
||||
current_dir="$( cd "$(dirname "$0")/../../../../.." >/dev/null 2>&1 || exit ; pwd -P )"
|
||||
cmd="perl $current_dir/src/centreon_plugins.pl --plugin=cloud::aws::cloudtrail::plugin --custommode=paws --region=eu-west --aws-secret-key=secret --aws-access-key=key"
|
||||
|
||||
nb_tests=0
|
||||
nb_tests_ok=0
|
||||
|
||||
endpoint_url="http://localhost:3000/cloudtrail/events/AwsApiCall/4/AwsServiceEvent/2/AwsConsoleAction/1/AwsConsoleSignIn/3/NextToken/t"
|
||||
|
||||
test_ok=$($cmd --mode=countevents --endpoint=$endpoint_url)
|
||||
((nb_tests++))
|
||||
if [[ $test_ok = "OK: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_ok ko"
|
||||
echo $test_ok
|
||||
fi
|
||||
|
||||
test_oknexttoken=$($cmd --mode=countevents --endpoint=$endpoint_url"rue")
|
||||
((nb_tests++))
|
||||
if [[ $test_oknexttoken = "OK: Number of events: 20.00 | 'events_count'=20.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "$test_oknexttoken ko"
|
||||
echo $test_oknexttoken
|
||||
fi
|
||||
|
||||
test_okeventtype=$($cmd --mode=countevents --endpoint=$endpoint_url --event-type=AwsApiCall)
|
||||
((nb_tests++))
|
||||
if [[ $test_okeventtype = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_okeventtype ko"
|
||||
echo $test_okeventtype
|
||||
fi
|
||||
|
||||
test_okeventtypenexttoken=$($cmd --mode=countevents --endpoint=$endpoint_url"rue" --event-type=AwsServiceEvent)
|
||||
((nb_tests++))
|
||||
if [[ $test_okeventtypenexttoken = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_okeventtypenexttoken ko"
|
||||
echo $test_okeventtypenexttoken
|
||||
fi
|
||||
|
||||
test_okdelta=$($cmd --mode=countevents --endpoint=$endpoint_url --event-type=AwsApiCall --delta=10)
|
||||
((nb_tests++))
|
||||
if [[ $test_okdelta = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_okdelta ko"
|
||||
echo $test_okdelta
|
||||
fi
|
||||
|
||||
test_okerrormessage=$($cmd --mode=countevents --endpoint=$endpoint_url --error-message='Login error')
|
||||
((nb_tests++))
|
||||
if [[ $test_okerrormessage = "OK: Number of events: 3.00 | 'events_count'=3.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_okerrormessage ko"
|
||||
echo $test_okerrormessage
|
||||
fi
|
||||
|
||||
test_okerrormessagepartial=$($cmd --mode=countevents --endpoint=$endpoint_url --error-message='.*error')
|
||||
((nb_tests++))
|
||||
if [[ $test_okerrormessagepartial = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_okerrormessagepartial ko"
|
||||
echo $test_okerrormessagepartial
|
||||
fi
|
||||
|
||||
test_warning=$($cmd --mode=countevents --endpoint=$endpoint_url --warning-count=3)
|
||||
((nb_tests++))
|
||||
if [[ $test_warning = "WARNING: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_warning ko"
|
||||
echo $test_warning
|
||||
fi
|
||||
|
||||
test_critical=$($cmd --mode=countevents --endpoint=$endpoint_url --critical-count=5)
|
||||
((nb_tests++))
|
||||
if [[ $test_critical = "CRITICAL: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
|
||||
then
|
||||
((nb_tests_ok++))
|
||||
else
|
||||
echo "test_critical ko"
|
||||
echo $test_critical
|
||||
fi
|
||||
|
||||
if [[ $nb_tests_ok = $nb_tests ]]
|
||||
then
|
||||
echo "OK: "$nb_tests_ok"/"$nb_tests" tests OK"
|
||||
else
|
||||
echo "NOK: "$nb_tests_ok"/"$nb_tests" tests OK"
|
||||
fi
|
|
@ -0,0 +1,130 @@
|
|||
{
|
||||
"uuid": "e59ad81e-2050-480d-bbae-0e71c607c927",
|
||||
"lastMigration": 27,
|
||||
"name": "Aws cloudtrail",
|
||||
"endpointPrefix": "",
|
||||
"latency": 0,
|
||||
"port": 3000,
|
||||
"hostname": "",
|
||||
"folders": [],
|
||||
"routes": [
|
||||
{
|
||||
"uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d",
|
||||
"type": "http",
|
||||
"documentation": "",
|
||||
"method": "post",
|
||||
"endpoint": "cloudtrail/gettrailstatus/:islogging",
|
||||
"responses": [
|
||||
{
|
||||
"uuid": "76483999-2022-4610-8e8c-9c0bd535e4c5",
|
||||
"body": "{\r\n \"IsLogging\": {{ urlParam 'islogging' 'true' }},\r\n \"LatestCloudWatchLogsDeliveryError\": \"error\",\r\n \"LatestCloudWatchLogsDeliveryTime\": 1683298944.125,\r\n \"LatestDeliveryAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n \"LatestDeliveryAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n \"LatestDeliveryError\": \"error\",\r\n \"LatestDeliveryTime\": 1683298944.125,\r\n \"LatestDigestDeliveryError\": \"error\",\r\n \"LatestDigestDeliveryTime\": 1683298944.125,\r\n \"LatestNotificationAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n \"LatestNotificationAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n \"LatestNotificationError\": \"error\",\r\n \"LatestNotificationTime\": 1683298944.125,\r\n \"StartLoggingTime\": 1683298944.125,\r\n \"StopLoggingTime\": 1683298477.918,\r\n \"TimeLoggingStarted\": \"2023-05-05T15:02:24Z\",\r\n \"TimeLoggingStopped\": \"2023-05-05T14:54:37Z\"\r\n}",
|
||||
"latency": 0,
|
||||
"statusCode": 200,
|
||||
"label": "",
|
||||
"headers": [
|
||||
{
|
||||
"key": "Content-Type",
|
||||
"value": "application/json"
|
||||
}
|
||||
],
|
||||
"bodyType": "INLINE",
|
||||
"filePath": "",
|
||||
"databucketID": "",
|
||||
"sendFileAsBody": false,
|
||||
"rules": [],
|
||||
"rulesOperator": "OR",
|
||||
"disableTemplating": false,
|
||||
"fallbackTo404": false,
|
||||
"default": true
|
||||
}
|
||||
],
|
||||
"enabled": true,
|
||||
"responseMode": null
|
||||
},
|
||||
{
|
||||
"uuid": "77f82f1c-b06e-478a-8366-ab325830f00e",
|
||||
"type": "http",
|
||||
"documentation": "",
|
||||
"method": "post",
|
||||
"endpoint": "cloudtrail/events/AwsApiCall/:AwsApiCall/AwsServiceEvent/:AwsServiceEvent/AwsConsoleAction/:AwsConsoleAction/AwsConsoleSignIn/:AwsConsoleSignIn/NextToken/:NextToken",
|
||||
"responses": [
|
||||
{
|
||||
"uuid": "7dd41177-8d63-458a-abcc-b3af3ea8c9cd",
|
||||
"body": "{\r\n\t\"Events\": [\r\n\t\t{{#each (dataRaw 'Events')}}\r\n\t\t {{#if (gt @index 0)}}\r\n\t\t ,\r\n\t\t {{/if}}\r\n \t\t{\r\n \t\t\t\"AccessKeyId\": \"{{AccessKeyId}}\",\r\n \t\t\t\"CloudTrailEvent\": \"{\\\"awsRegion\\\": \\\"eu-west-1\\\", {{#if Error}}\\\"errorCode\\\": \\\"{{ErrorCode}}\\\", \\\"errorMessage\\\": \\\"{{ErrorMessage}}\\\",{{/if}} \\\"eventCategory\\\": \\\"Management\\\", \\\"eventID\\\": \\\"{{EventId}}\\\", \\\"eventName\\\": \\\"{{EventName}}\\\", \\\"eventSource\\\": \\\"{{EventSource}}\\\", \\\"eventTime\\\": \\\"{{EventTime}}\\\", \\\"eventType\\\": \\\"{{EventType}}\\\", \\\"eventVersion\\\": \\\"1.08\\\", \\\"managementEvent\\\": true, \\\"readOnly\\\": true, \\\"recipientAccountId\\\": \\\"{{AccountId}}\\\", \\\"requestID\\\": \\\"{{ faker 'datatype.uuid' }}\\\", \\\"requestParameters\\\": null, \\\"responseElements\\\": null, \\\"sourceIPAddress\\\": \\\"{{ faker 'internet.ip' }}\\\", \\\"tlsDetails\\\": {\\\"cipherSuite\\\": \\\"ECDHE-RSA-AES128-GCM-SHA256\\\", \\\"clientProvidedHostHeader\\\": \\\"cloudtrail.eu-west-1.amazonaws.com\\\", \\\"tlsVersion\\\": \\\"TLSv1.2\\\"}, \\\"userAgent\\\": \\\"aws-cli/2.11.0 Python/3.11.2 Darwin/22.2.0 source/x86_64 prompt/off command/cloudtrail.lookup-events\\\", \\\"userIdentity\\\": {\\\"accessKeyId\\\": \\\"{{AccessKeyId}}\\\", \\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:sts::{{AccountId}}:assumed-role/{{UserRole}}/{{UserName}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}:{{UserName}}\\\", \\\"sessionContext\\\": {\\\"attributes\\\": {\\\"creationDate\\\": \\\"{{ faker 'date.past' EventTime }}\\\", \\\"mfaAuthenticated\\\": \\\"false\\\"}, \\\"sessionIssuer\\\": {\\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:iam::{{AccountId}}:role/{{UserRole}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}\\\", \\\"type\\\": \\\"Role\\\", \\\"userName\\\": \\\"{{UserRole}}\\\"}, \\\"webIdFederationData\\\": {}}, \\\"type\\\": \\\"{{ faker 'name.jobArea' }}\\\"}}\",\r\n \t\t\t\"EventId\": \"{{EventId}}\",\r\n \t\t\t\"EventName\": \"{{EventName}}\",\r\n \t\t\t\"EventSource\": \"{{EventSource}}\",\r\n \t\t\t\"EventTime\": \"{{EventTime}}\",\r\n \t\t\t\"ReadOnly\": \"true\",\r\n \t\t\t\"Resources\": [\r\n \t\t\t],\r\n \t\t\t\"Username\": \"{{UserName}}\"\r\n \t\t}\r\n\t\t{{/each}}\r\n\t]\r\n\t{{#if (gte (indexOf (urlParam 'NextToken') 'true' 0) 0)}}\r\n\t {{#unless (includes (stringify (body)) 'NextToken')}}\r\n\t\t ,\"NextToken\": \"{{ faker 'random.alphaNumeric' 64 casing='upper' }}\"\r\n\t\t{{/unless}}\r\n\t{{/if}}\r\n}",
|
||||
"latency": 0,
|
||||
"statusCode": 200,
|
||||
"label": "",
|
||||
"headers": [],
|
||||
"bodyType": "INLINE",
|
||||
"filePath": "",
|
||||
"databucketID": "c5kh",
|
||||
"sendFileAsBody": false,
|
||||
"rules": [],
|
||||
"rulesOperator": "OR",
|
||||
"disableTemplating": false,
|
||||
"fallbackTo404": false,
|
||||
"default": true
|
||||
}
|
||||
],
|
||||
"enabled": true,
|
||||
"responseMode": null
|
||||
}
|
||||
],
|
||||
"rootChildren": [
|
||||
{
|
||||
"type": "route",
|
||||
"uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d"
|
||||
},
|
||||
{
|
||||
"type": "route",
|
||||
"uuid": "77f82f1c-b06e-478a-8366-ab325830f00e"
|
||||
}
|
||||
],
|
||||
"proxyMode": false,
|
||||
"proxyHost": "",
|
||||
"proxyRemovePrefix": false,
|
||||
"tlsOptions": {
|
||||
"enabled": false,
|
||||
"type": "CERT",
|
||||
"pfxPath": "",
|
||||
"certPath": "",
|
||||
"keyPath": "",
|
||||
"caPath": "",
|
||||
"passphrase": ""
|
||||
},
|
||||
"cors": true,
|
||||
"headers": [
|
||||
{
|
||||
"key": "Content-Type",
|
||||
"value": "application/json"
|
||||
}
|
||||
],
|
||||
"proxyReqHeaders": [
|
||||
{
|
||||
"key": "",
|
||||
"value": ""
|
||||
}
|
||||
],
|
||||
"proxyResHeaders": [
|
||||
{
|
||||
"key": "",
|
||||
"value": ""
|
||||
}
|
||||
],
|
||||
"data": [
|
||||
{
|
||||
"uuid": "76dec2a5-ff63-4e81-9611-94b900ab16e1",
|
||||
"id": "c5kh",
|
||||
"name": "EventsData",
|
||||
"documentation": "",
|
||||
"value": "[\n {{#each (dataRaw 'EventsTypeData')}}\n {{#if (gte @isEvent 1)}}\n ,\n {{/if}}\n {{setVar 'isEvent' (add (urlParam name) @isEvent)}}\n {{#repeat (urlParam name comma=true)}}\n {\n \"AccessKeyId\": \"{{ faker 'random.alphaNumeric' 20 casing='upper' }}\",\n \"AccountId\": \"{{ faker 'random.numeric' 12 }}\",\n \"Error\": {{error}},\n {{#if error}}\n \"ErrorCode\": \"{{errorCode}}\",\n\t \"ErrorMessage\": \"{{errorMessage}}\",\n {{/if}}\n \"EventId\": \"{{ faker 'datatype.uuid' }}\",\n \"EventName\": \"{{oneOf (array 'LookupEvents' 'ListInstanceAssociations' 'AssumeRoleWithWebIdentity')}}\",\n \"EventSource\": \"{{oneOf (array 'cloudtrail.amazonaws.com' 'ssm.amazonaws.com' 'sts.amazonaws.com')}}\",\n \"EventTime\": \"{{ faker 'date.recent' }}\",\n \"EventType\": \"{{name}}\",\n \"PrincipalId\": \"{{ faker 'random.alphaNumeric' 20 casing='upper' }}\",\n \"UserName\": \"{{ faker 'internet.userName' }}\",\n \"UserRole\": \"{{ faker 'name.jobType' }}\"\n }\n {{/repeat}}\n {{/each}}\n]"
|
||||
},
|
||||
{
|
||||
"uuid": "5dce6340-bade-4336-8041-50fd22570055",
|
||||
"id": "nu28",
|
||||
"name": "EventsTypeData",
|
||||
"documentation": "",
|
||||
"value": "[\n {\n \"name\": \"AwsApiCall\",\n \"error\": false\n },\n {\n \"name\": \"AwsServiceEvent\",\n \"error\": false\n },\n {\n \"name\": \"AwsConsoleAction\",\n \"error\": true,\n \t\"errorCode\": \"ThrottlingException\",\n \t\"errorMessage\": \"Rate exceeded error\"\n },\n {\n \"name\": \"AwsConsoleSignIn\",\n \"error\": true,\n \"errorCode\": \"LoginErrorException\",\n \"errorMessage\": \"Login error\"\n }\n]"
|
||||
}
|
||||
]
|
||||
}
|
Loading…
Reference in New Issue