(plugin) cloud::aws::cloudtrail - new (#4449)

* plugin aws cloudtrail * update * update + add tests * update workflow * fix * update
2023-06-07 12:10:04 +02:00 · 2023-06-07 12:10:04 +02:00 · 9f31f702ab
parent aaa667e087
commit 9f31f702ab
12 changed files with 750 additions and 1 deletions
--- a/.github/workflows/tests-functional.yml
+++ b/.github/workflows/tests-functional.yml
@ -0,0 +1,61 @@
+name: Run mock API server
+on:
+  workflow_dispatch:
+  push:
+    branches:
+      - MON-**
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - uses: actions/checkout@v2
+      - name: Use Node.js
+        uses: actions/setup-node@v2
+        with:
+          node-version: "14.x"
+      - name: Install Mockoon CLI
+        run: npm install -D @mockoon/cli
+      - name: Install perl dependencies
+        uses: perl-actions/install-with-cpm@stable
+        with:
+          install: |
+            DateTime
+            Digest::MD5
+            Encode
+            HTTP::ProxyPAC
+            IO::Socket::SSL
+            JSON::XS
+            LWP::Protocol::https
+            LWP::UserAgent
+            MIME::Base64
+            Paws
+            POSIX
+            Storable
+            URI
+            URI::Encode
+      - name: Run Mockoon CLI
+        run: npx mockoon-cli start --data tests/resources/mockoon/cloud-aws-cloudtrail.json --port 3000
+      - name: Run plugin
+        run: |
+          sudo chmod -R +x tests/functional/
+          sudo mkdir -p /var/lib/centreon/centplugins/
+          sudo chmod 777 /var/lib/centreon/centplugins/
+          TESTS="$(tests/functional/cloud/aws/cloudtrail/checktrailstatus.sh)"
+          echo "tests=$(echo $TESTS)" >> $GITHUB_OUTPUT
+          if [[ $TESTS = "OK:"* ]]; then
+            echo "OK"
+          else
+            echo $TESTS
+            exit 1
+          fi
+          TESTS="$(tests/functional/cloud/aws/cloudtrail/countevents.sh)"
+          echo "tests=$(echo $TESTS)" >> $GITHUB_OUTPUT
+          if [[ $TESTS = "OK:"* ]]; then
+            echo "OK"
+          else
+            echo $TESTS
+            exit 1
+          fi
+        shell: bash
--- a/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/deb.json
+++ b/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/deb.json
@ -0,0 +1,5 @@
+{
+    "dependencies": [
+        "libdatetime-perl"
+    ]
+}
--- a/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/pkg.json
+++ b/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/pkg.json
@ -0,0 +1,10 @@
+{
+    "pkg_name": "centreon-plugin-Cloud-Aws-Cloudtrail-Api",
+    "pkg_summary": "Centreon Plugin to monitor Amazon AWS using Cloudtrail API",
+    "plugin_name": "centreon_aws_cloudtrail_api.pl",
+    "files": [
+        "centreon/plugins/script_custom.pm",
+        "cloud/aws/custom/",
+        "cloud/aws/cloudtrail/"
+    ]
+}
--- a/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/rpm.json
+++ b/packaging/centreon-plugin-Cloud-Aws-Cloudtrail-Api/rpm.json
@ -0,0 +1,5 @@
+{
+    "dependencies": [
+        "perl(DateTime)"
+    ]
+}
--- a/src/cloud/aws/cloudtrail/mode/checktrailstatus.pm
+++ b/src/cloud/aws/cloudtrail/mode/checktrailstatus.pm
@ -0,0 +1,84 @@
+#
+# Copyright 2023 Centreon (http://www.centreon.com/)
+#
+# Centreon is a full-fledged industry-strength solution that meets
+# the needs in IT infrastructure and application monitoring for
+# service performance.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package cloud::aws::cloudtrail::mode::checktrailstatus;
+
+use strict;
+use warnings;
+
+use base qw(centreon::plugins::mode);
+
+sub new {
+    my ($class, %options) = @_;
+    my $self = $class->SUPER::new(package => __PACKAGE__, %options);
+    bless $self, $class;
+
+    $options{options}->add_options(arguments => {
+        'trail-name:s' => { name => 'trail_name' }
+    });
+
+    return $self;
+}
+
+sub check_options {
+    my ($self, %options) = @_;
+    $self->SUPER::init(%options);
+
+    if (!length($self->{option_results}->{trail_name})) {
+        $self->{output}->add_option_msg(short_msg => "Need to specify --trail-name option.");
+        $self->{output}->option_exit();
+    }
+}
+
+sub run {
+    my ($self, %options) = @_;
+
+    my $status = $options{custom}->cloudtrail_trail_status(
+        trail_name => $self->{option_results}->{trail_name}
+    );
+
+    $self->{output}->output_add(severity => $status->{IsLogging} ? "ok" : "critical",
+                                short_msg => sprintf("Trail is logging: %s", $status->{IsLogging}));
+    $self->{output}->perfdata_add(label => "trail_is_logging", unit => '',
+                                  value => sprintf("%s", $status->{IsLogging} ),
+                                  critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'),
+                                  min => 0
+                                  );
+
+    $self->{output}->display();
+    $self->{output}->exit();
+}
+
+
+1;
+
+=head1 MODE
+
+Check cloudtrail trail status.
+
+=over 8
+
+=item B<--trail-name>
+
+Filter by trail name.
+
+=back
+
+=cut
--- a/src/cloud/aws/cloudtrail/mode/countevents.pm
+++ b/src/cloud/aws/cloudtrail/mode/countevents.pm
@ -0,0 +1,126 @@
+#
+# Copyright 2023 Centreon (http://www.centreon.com/)
+#
+# Centreon is a full-fledged industry-strength solution that meets
+# the needs in IT infrastructure and application monitoring for
+# service performance.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package cloud::aws::cloudtrail::mode::countevents;
+
+use strict;
+use warnings;
+
+use base qw(centreon::plugins::mode);
+
+sub new {
+    my ($class, %options) = @_;
+    my $self = $class->SUPER::new(package => __PACKAGE__, %options);
+    bless $self, $class;
+
+    $options{options}->add_options(arguments => {
+        'event-type:s' => { name => 'event_type' },
+        'error-message:s' => { name => 'error_message' },
+        'delta:s' => { name => 'delta' },
+        'warning-count:s'    => { name => 'warning_count' },
+        'critical-count:s'   => { name => 'critical_count' }
+    });
+
+    return $self;
+}
+
+sub check_options {
+    my ($self, %options) = @_;
+    $self->SUPER::init(%options);
+
+    if (($self->{perfdata}->threshold_validate(label => 'warning-count', value => $self->{option_results}->{warning_count})) == 0) {
+       $self->{output}->add_option_msg(short_msg => "Wrong warning-count threshold '" . $self->{option_results}->{warning_count} . "'.");
+       $self->{output}->option_exit();
+    }
+    if (($self->{perfdata}->threshold_validate(label => 'critical-count', value => $self->{option_results}->{critical_count})) == 0) {
+       $self->{output}->add_option_msg(short_msg => "Wrong critical-count threshold '" . $self->{option_results}->{critical_count} . "'.");
+       $self->{output}->option_exit();
+    }
+}
+
+sub run {
+    my ($self, %options) = @_;
+
+    $self->{events} = $options{custom}->cloudtrail_events(
+        event_type => $self->{option_results}->{event_type},
+        error_message => $self->{option_results}->{error_message},
+        delta => $self->{option_results}->{delta}
+    );
+
+    my $count;
+    if (length($self->{option_results}->{event_type}) || length($self->{option_results}->{error_message})) {
+        $count = 0;
+        foreach my $event (@{$self->{events}}) {
+            if ((defined($self->{option_results}->{event_type}) && length($self->{option_results}->{event_type}) && ($event->{eventType} eq $self->{option_results}->{event_type}))
+                || (defined($self->{option_results}->{error_message}) && length($self->{option_results}->{error_message}) && ($event->{errorMessage} =~ $self->{option_results}->{error_message}))) {
+                $count++;
+            }
+        }
+    } else {
+        $count = scalar @{$self->{events}};
+    }
+
+    my $exit = $self->{perfdata}->threshold_check(value => $count, threshold => [ { label => 'critical-count', exit_litteral => 'critical' }, { label => 'warning-count', exit_litteral => 'warning' } ]);
+    $self->{output}->output_add(severity => $exit,
+                                short_msg => sprintf("Number of events: %.2f", $count));
+    $self->{output}->perfdata_add(label => "events_count", unit => '',
+                                  value => sprintf("%.2f", $count),
+                                  warning => $self->{perfdata}->get_perfdata_for_output(label => 'warning'),
+                                  critical => $self->{perfdata}->get_perfdata_for_output(label => 'critical'),
+                                  min => 0
+                                  );
+
+    $self->{output}->display();
+    $self->{output}->exit();
+}
+
+1;
+
+__END__
+
+=head1 MODE
+
+Check cloudtrail events.
+
+=over 8
+
+=item B<--event-type>
+
+Filter by event type.
+
+=item B<--error-message>
+
+Filter on an error message pattern
+
+=item B<--delta>
+
+Time depth for search (minutes).
+
+=item B<--warning-count>
+
+Set warning threshold for the number of events.
+
+=item B<--critical-count>
+
+Set critical threshold for the number of events.
+
+=back
+
+=cut
--- a/src/cloud/aws/cloudtrail/plugin.pm
+++ b/src/cloud/aws/cloudtrail/plugin.pm
@ -0,0 +1,51 @@
+#
+# Copyright 2023 Centreon (http://www.centreon.com/)
+#
+# Centreon is a full-fledged industry-strength solution that meets
+# the needs in IT infrastructure and application monitoring for
+# service performance.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+package cloud::aws::cloudtrail::plugin;
+
+use strict;
+use warnings;
+use base qw(centreon::plugins::script_custom);
+
+sub new {
+    my ( $class, %options ) = @_;
+    my $self = $class->SUPER::new( package => __PACKAGE__, %options );
+    bless $self, $class;
+
+    $self->{version} = '0.1';
+    %{ $self->{modes} } = (
+        'checktrailstatus'  => 'cloud::aws::cloudtrail::mode::checktrailstatus',
+        'countevents'       => 'cloud::aws::cloudtrail::mode::countevents'
+    );
+
+    $self->{custom_modes}{paws} = 'cloud::aws::custom::paws';
+    $self->{custom_modes}{awscli} = 'cloud::aws::custom::awscli';
+    return $self;
+}
+
+1;
+
+__END__
+
+=head1 PLUGIN DESCRIPTION
+
+Check Amazon CloudTrail.
+
+=cut
--- a/src/cloud/aws/custom/awscli.pm
+++ b/src/cloud/aws/custom/awscli.pm
@ -976,6 +976,80 @@ sub directconnect_describe_virtual_interfaces {
    return $results;
 }

+sub cloudtrail_events_set_cmd {
+    my ($self, %options) = @_;
+
+    return if (defined($self->{option_results}->{command_options}) && $self->{option_results}->{command_options} ne '');
+
+    my $cmd_options = "lookup-events --region $self->{option_results}->{region} --output json";
+    if (defined($options{delta})) {
+        my $endtime = time();
+        my $starttime = $endtime - ($options{delta} * 60);
+        $cmd_options .= " --start-time $starttime";
+        $cmd_options .= " --end-time $endtime";
+    }
+    $cmd_options .= " --starting-token $options{next_token}" if (length($options{next_token}));
+    $cmd_options .= " --endpoint-url $self->{endpoint_url}" if (length($self->{endpoint_url}));
+    $cmd_options .= " --no-verify-ssl 2>/dev/null" if (length($self->{option_results}->{skip_ssl_check}));
+
+    return $cmd_options;
+}
+
+sub cloudtrail_events {
+    my ($self, %options) = @_;
+
+    my $cmd_options = $self->cloudtrail_events_set_cmd(%options);
+
+    my $events_results = [];
+    eval {
+        while (my $list_events = $self->execute(cmd_options => $cmd_options)) {
+            foreach (@{$list_events->{Events}}) {
+                my $event = JSON::XS->new->utf8->decode($_->{CloudTrailEvent});
+                push @{$events_results}, {
+                    eventID => $event->{eventID},
+                    eventType => $event->{eventType},
+                    errorMessage => $event->{errorMessage}
+                };
+            }
+
+            last if (!defined($list_events->{NextToken}));
+            $options{next_token} = $list_events->{NextToken};
+        }
+    };
+
+    return $events_results;
+}
+
+sub cloudtrail_trail_status_set_cmd {
+    my ($self, %options) = @_;
+
+    return if (defined($self->{option_results}->{command_options}) && $self->{option_results}->{command_options} ne '');
+
+    my $cmd_options = "get-trail-status --region $self->{option_results}->{region} --output json";
+    $cmd_options .= " --name $options{trail_name}";
+    $cmd_options .= " --endpoint-url $self->{endpoint_url}" if (length($self->{endpoint_url}));
+    $cmd_options .= " --no-verify-ssl 2>/dev/null" if (length($self->{option_results}->{skip_ssl_check}));
+
+    return $cmd_options;
+}
+
+sub cloudtrail_trail_status {
+    my ($self, %options) = @_;
+
+    my $cmd_options = $self->cloudtrail_trail_status_set_cmd(%options);
+
+    my $trail_status;
+    eval {
+        $trail_status = $self->execute(cmd_options => $cmd_options);
+    };
+    if ($@) {
+        $self->{output}->add_option_msg(short_msg => "error: $@");
+        $self->{output}->option_exit();
+    }
+
+    return $trail_status;
+}
+
 1;

 __END__
--- a/src/cloud/aws/custom/paws.pm
+++ b/src/cloud/aws/custom/paws.pm
@ -50,7 +50,8 @@ sub new {
            'period:s'            => { name => 'period' },
            'statistic:s@'        => { name => 'statistic' },
            'zeroed'              => { name => 'zeroed' },
-            'proxyurl:s'          => { name => 'proxyurl' }
+            'proxyurl:s'          => { name => 'proxyurl' },
+            'endpoint:s'          => { name => 'endpoint' }
        });
    }
    $options{options}->add_help(package => __PACKAGE__, sections => 'PAWS OPTIONS', once => 1);
@ -839,6 +840,68 @@ sub directconnect_describe_virtual_interfaces {
    return $results;
 }

+sub cloudtrail_events {
+    my ($self, %options) = @_;
+
+    my $events_results = [];
+    eval {
+        my $ct;
+        if (defined($self->{option_results}->{endpoint}) && length $self->{option_results}->{endpoint}) {
+            $ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region} , endpoint => $self->{option_results}->{endpoint});
+        } else {
+            $ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region});
+        }
+        my %ct_options = ();
+        if (defined($options{delta})) {
+            $ct_options{EndTime} = time();
+            $ct_options{StartTime} = $ct_options{EndTime} - ($options{delta} * 60);
+        }
+
+        while (my $list_events = $ct->LookupEvents(%ct_options)) {
+            foreach (@{$list_events->{Events}}) {
+                my $event = JSON::XS->new->utf8->decode($_->{CloudTrailEvent});
+                push @{$events_results}, {
+                    eventID => $event->{eventID},
+                    eventType => $event->{eventType},
+                    errorMessage => $event->{errorMessage}
+                };
+            }
+
+            last if (!defined($list_events->{NextToken}));
+            $ct_options{NextToken} = $list_events->{NextToken};
+        }
+    };
+    if ($@) {
+        $self->{output}->add_option_msg(short_msg => "error: $@");
+        $self->{output}->option_exit();
+    }
+
+    return $events_results;
+}
+
+sub cloudtrail_trail_status {
+    my ($self, %options) = @_;
+
+    my $trail_status;
+    eval {
+        my $ct;
+        if (defined($self->{option_results}->{endpoint}) && length $self->{option_results}->{endpoint}) {
+            $ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region} , endpoint => $self->{option_results}->{endpoint});
+        } else {
+            $ct = $self->{paws}->service('CloudTrail', region => $self->{option_results}->{region});
+        }
+        my %ct_options = ();
+        $ct_options{Name} = $options{trail_name};
+        $trail_status = $ct->GetTrailStatus(%ct_options);
+    };
+    if ($@) {
+        $self->{output}->add_option_msg(short_msg => "error: $@");
+        $self->{output}->option_exit();
+    }
+
+    return $trail_status;
+}
+
 1;

 __END__
--- a/tests/functional/cloud/aws/cloudtrail/checktrailstatus.sh
+++ b/tests/functional/cloud/aws/cloudtrail/checktrailstatus.sh
@ -0,0 +1,34 @@
+#!/bin/bash
+
+current_dir="$( cd  "$(dirname "$0")/../../../../.." >/dev/null 2>&1 || exit ; pwd -P )"
+cmd="perl $current_dir/src/centreon_plugins.pl --plugin=cloud::aws::cloudtrail::plugin --custommode=paws --region=eu-west --aws-secret-key=secret --aws-access-key=key"
+
+nb_tests=0
+nb_tests_ok=0
+
+test_status_ok=$($cmd --mode=checktrailstatus --endpoint=http://localhost:3000/cloudtrail/gettrailstatus/true --trail-name=TrailName)
+((nb_tests++))
+if [[ $test_status_ok = "OK: Trail is logging: 1 | 'trail_is_logging'=1;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_status_ok ko"
+  echo $test_status_ok
+fi
+
+test_status_critical=$($cmd --mode=checktrailstatus --endpoint=http://localhost:3000/cloudtrail/gettrailstatus/false --trail-name=TrailName)
+((nb_tests++))
+if [[ $test_status_critical = "CRITICAL: Trail is logging: 0 | 'trail_is_logging'=0;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_status_critical ko"
+  echo $test_status_critical
+fi
+
+if [[ $nb_tests_ok = $nb_tests ]]
+then
+  echo "OK: "$nb_tests_ok"/"$nb_tests" tests OK"
+else
+  echo "NOK: "$nb_tests_ok"/"$nb_tests" tests OK"
+fi
--- a/tests/functional/cloud/aws/cloudtrail/countevents.sh
+++ b/tests/functional/cloud/aws/cloudtrail/countevents.sh
@ -0,0 +1,106 @@
+#!/bin/bash
+
+current_dir="$( cd  "$(dirname "$0")/../../../../.." >/dev/null 2>&1 || exit ; pwd -P )"
+cmd="perl $current_dir/src/centreon_plugins.pl --plugin=cloud::aws::cloudtrail::plugin --custommode=paws --region=eu-west --aws-secret-key=secret --aws-access-key=key"
+
+nb_tests=0
+nb_tests_ok=0
+
+endpoint_url="http://localhost:3000/cloudtrail/events/AwsApiCall/4/AwsServiceEvent/2/AwsConsoleAction/1/AwsConsoleSignIn/3/NextToken/t"
+
+test_ok=$($cmd --mode=countevents --endpoint=$endpoint_url)
+((nb_tests++))
+if [[ $test_ok = "OK: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_ok ko"
+  echo $test_ok
+fi
+
+test_oknexttoken=$($cmd --mode=countevents --endpoint=$endpoint_url"rue")
+((nb_tests++))
+if [[ $test_oknexttoken = "OK: Number of events: 20.00 | 'events_count'=20.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "$test_oknexttoken ko"
+  echo $test_oknexttoken
+fi
+
+test_okeventtype=$($cmd --mode=countevents --endpoint=$endpoint_url --event-type=AwsApiCall)
+((nb_tests++))
+if [[ $test_okeventtype = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_okeventtype ko"
+  echo $test_okeventtype
+fi
+
+test_okeventtypenexttoken=$($cmd --mode=countevents --endpoint=$endpoint_url"rue" --event-type=AwsServiceEvent)
+((nb_tests++))
+if [[ $test_okeventtypenexttoken = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_okeventtypenexttoken ko"
+  echo $test_okeventtypenexttoken
+fi
+
+test_okdelta=$($cmd --mode=countevents --endpoint=$endpoint_url --event-type=AwsApiCall --delta=10)
+((nb_tests++))
+if [[ $test_okdelta = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_okdelta ko"
+  echo $test_okdelta
+fi
+
+test_okerrormessage=$($cmd --mode=countevents --endpoint=$endpoint_url --error-message='Login error')
+((nb_tests++))
+if [[ $test_okerrormessage = "OK: Number of events: 3.00 | 'events_count'=3.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_okerrormessage ko"
+  echo $test_okerrormessage
+fi
+
+test_okerrormessagepartial=$($cmd --mode=countevents --endpoint=$endpoint_url --error-message='.*error')
+((nb_tests++))
+if [[ $test_okerrormessagepartial = "OK: Number of events: 4.00 | 'events_count'=4.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_okerrormessagepartial ko"
+  echo $test_okerrormessagepartial
+fi
+
+test_warning=$($cmd --mode=countevents --endpoint=$endpoint_url --warning-count=3)
+((nb_tests++))
+if [[ $test_warning = "WARNING: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_warning ko"
+  echo $test_warning
+fi
+
+test_critical=$($cmd --mode=countevents --endpoint=$endpoint_url --critical-count=5)
+((nb_tests++))
+if [[ $test_critical = "CRITICAL: Number of events: 10.00 | 'events_count'=10.00;;;0;" ]]
+then
+  ((nb_tests_ok++))
+else
+  echo "test_critical ko"
+  echo $test_critical
+fi
+
+if [[ $nb_tests_ok = $nb_tests ]]
+then
+  echo "OK: "$nb_tests_ok"/"$nb_tests" tests OK"
+else
+  echo "NOK: "$nb_tests_ok"/"$nb_tests" tests OK"
+fi
--- a/tests/resources/mockoon/cloud-aws-cloudtrail.json
+++ b/tests/resources/mockoon/cloud-aws-cloudtrail.json
@ -0,0 +1,130 @@
+{
+  "uuid": "e59ad81e-2050-480d-bbae-0e71c607c927",
+  "lastMigration": 27,
+  "name": "Aws cloudtrail",
+  "endpointPrefix": "",
+  "latency": 0,
+  "port": 3000,
+  "hostname": "",
+  "folders": [],
+  "routes": [
+    {
+      "uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d",
+      "type": "http",
+      "documentation": "",
+      "method": "post",
+      "endpoint": "cloudtrail/gettrailstatus/:islogging",
+      "responses": [
+        {
+          "uuid": "76483999-2022-4610-8e8c-9c0bd535e4c5",
+          "body": "{\r\n   \"IsLogging\": {{ urlParam 'islogging' 'true' }},\r\n   \"LatestCloudWatchLogsDeliveryError\": \"error\",\r\n   \"LatestCloudWatchLogsDeliveryTime\": 1683298944.125,\r\n   \"LatestDeliveryAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n   \"LatestDeliveryAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n   \"LatestDeliveryError\": \"error\",\r\n   \"LatestDeliveryTime\": 1683298944.125,\r\n   \"LatestDigestDeliveryError\": \"error\",\r\n   \"LatestDigestDeliveryTime\": 1683298944.125,\r\n   \"LatestNotificationAttemptSucceeded\": \"2023-05-05T15:02:24Z\",\r\n   \"LatestNotificationAttemptTime\": \"2023-05-05T15:02:24Z\",\r\n   \"LatestNotificationError\": \"error\",\r\n   \"LatestNotificationTime\": 1683298944.125,\r\n   \"StartLoggingTime\": 1683298944.125,\r\n   \"StopLoggingTime\": 1683298477.918,\r\n   \"TimeLoggingStarted\": \"2023-05-05T15:02:24Z\",\r\n   \"TimeLoggingStopped\": \"2023-05-05T14:54:37Z\"\r\n}",
+          "latency": 0,
+          "statusCode": 200,
+          "label": "",
+          "headers": [
+            {
+              "key": "Content-Type",
+              "value": "application/json"
+            }
+          ],
+          "bodyType": "INLINE",
+          "filePath": "",
+          "databucketID": "",
+          "sendFileAsBody": false,
+          "rules": [],
+          "rulesOperator": "OR",
+          "disableTemplating": false,
+          "fallbackTo404": false,
+          "default": true
+        }
+      ],
+      "enabled": true,
+      "responseMode": null
+    },
+    {
+      "uuid": "77f82f1c-b06e-478a-8366-ab325830f00e",
+      "type": "http",
+      "documentation": "",
+      "method": "post",
+      "endpoint": "cloudtrail/events/AwsApiCall/:AwsApiCall/AwsServiceEvent/:AwsServiceEvent/AwsConsoleAction/:AwsConsoleAction/AwsConsoleSignIn/:AwsConsoleSignIn/NextToken/:NextToken",
+      "responses": [
+        {
+          "uuid": "7dd41177-8d63-458a-abcc-b3af3ea8c9cd",
+          "body": "{\r\n\t\"Events\": [\r\n\t\t{{#each (dataRaw 'Events')}}\r\n\t\t  {{#if (gt @index 0)}}\r\n\t\t    ,\r\n\t\t  {{/if}}\r\n  \t\t{\r\n  \t\t\t\"AccessKeyId\": \"{{AccessKeyId}}\",\r\n  \t\t\t\"CloudTrailEvent\": \"{\\\"awsRegion\\\": \\\"eu-west-1\\\", {{#if Error}}\\\"errorCode\\\": \\\"{{ErrorCode}}\\\", \\\"errorMessage\\\": \\\"{{ErrorMessage}}\\\",{{/if}} \\\"eventCategory\\\": \\\"Management\\\", \\\"eventID\\\": \\\"{{EventId}}\\\", \\\"eventName\\\": \\\"{{EventName}}\\\", \\\"eventSource\\\": \\\"{{EventSource}}\\\", \\\"eventTime\\\": \\\"{{EventTime}}\\\", \\\"eventType\\\": \\\"{{EventType}}\\\", \\\"eventVersion\\\": \\\"1.08\\\", \\\"managementEvent\\\": true, \\\"readOnly\\\": true, \\\"recipientAccountId\\\": \\\"{{AccountId}}\\\", \\\"requestID\\\": \\\"{{ faker 'datatype.uuid' }}\\\", \\\"requestParameters\\\": null, \\\"responseElements\\\": null, \\\"sourceIPAddress\\\": \\\"{{ faker 'internet.ip' }}\\\", \\\"tlsDetails\\\": {\\\"cipherSuite\\\": \\\"ECDHE-RSA-AES128-GCM-SHA256\\\", \\\"clientProvidedHostHeader\\\": \\\"cloudtrail.eu-west-1.amazonaws.com\\\", \\\"tlsVersion\\\": \\\"TLSv1.2\\\"}, \\\"userAgent\\\": \\\"aws-cli/2.11.0 Python/3.11.2 Darwin/22.2.0 source/x86_64 prompt/off command/cloudtrail.lookup-events\\\", \\\"userIdentity\\\": {\\\"accessKeyId\\\": \\\"{{AccessKeyId}}\\\", \\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:sts::{{AccountId}}:assumed-role/{{UserRole}}/{{UserName}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}:{{UserName}}\\\", \\\"sessionContext\\\": {\\\"attributes\\\": {\\\"creationDate\\\": \\\"{{ faker 'date.past' EventTime }}\\\", \\\"mfaAuthenticated\\\": \\\"false\\\"}, \\\"sessionIssuer\\\": {\\\"accountId\\\": \\\"{{AccountId}}\\\", \\\"arn\\\": \\\"arn:aws:iam::{{AccountId}}:role/{{UserRole}}\\\", \\\"principalId\\\": \\\"{{PrincipalId}}\\\", \\\"type\\\": \\\"Role\\\", \\\"userName\\\": \\\"{{UserRole}}\\\"}, \\\"webIdFederationData\\\": {}}, \\\"type\\\": \\\"{{ faker 'name.jobArea' }}\\\"}}\",\r\n  \t\t\t\"EventId\": \"{{EventId}}\",\r\n  \t\t\t\"EventName\": \"{{EventName}}\",\r\n  \t\t\t\"EventSource\": \"{{EventSource}}\",\r\n  \t\t\t\"EventTime\": \"{{EventTime}}\",\r\n  \t\t\t\"ReadOnly\": \"true\",\r\n  \t\t\t\"Resources\": [\r\n  \t\t\t],\r\n  \t\t\t\"Username\": \"{{UserName}}\"\r\n  \t\t}\r\n\t\t{{/each}}\r\n\t]\r\n\t{{#if (gte (indexOf (urlParam 'NextToken') 'true' 0) 0)}}\r\n\t  {{#unless (includes (stringify (body)) 'NextToken')}}\r\n\t\t  ,\"NextToken\": \"{{ faker 'random.alphaNumeric' 64 casing='upper' }}\"\r\n\t\t{{/unless}}\r\n\t{{/if}}\r\n}",
+          "latency": 0,
+          "statusCode": 200,
+          "label": "",
+          "headers": [],
+          "bodyType": "INLINE",
+          "filePath": "",
+          "databucketID": "c5kh",
+          "sendFileAsBody": false,
+          "rules": [],
+          "rulesOperator": "OR",
+          "disableTemplating": false,
+          "fallbackTo404": false,
+          "default": true
+        }
+      ],
+      "enabled": true,
+      "responseMode": null
+    }
+  ],
+  "rootChildren": [
+    {
+      "type": "route",
+      "uuid": "b5e25f3a-a8e3-4128-9e45-f2654c5a599d"
+    },
+    {
+      "type": "route",
+      "uuid": "77f82f1c-b06e-478a-8366-ab325830f00e"
+    }
+  ],
+  "proxyMode": false,
+  "proxyHost": "",
+  "proxyRemovePrefix": false,
+  "tlsOptions": {
+    "enabled": false,
+    "type": "CERT",
+    "pfxPath": "",
+    "certPath": "",
+    "keyPath": "",
+    "caPath": "",
+    "passphrase": ""
+  },
+  "cors": true,
+  "headers": [
+    {
+      "key": "Content-Type",
+      "value": "application/json"
+    }
+  ],
+  "proxyReqHeaders": [
+    {
+      "key": "",
+      "value": ""
+    }
+  ],
+  "proxyResHeaders": [
+    {
+      "key": "",
+      "value": ""
+    }
+  ],
+  "data": [
+    {
+      "uuid": "76dec2a5-ff63-4e81-9611-94b900ab16e1",
+      "id": "c5kh",
+      "name": "EventsData",
+      "documentation": "",
+      "value": "[\n  {{#each (dataRaw 'EventsTypeData')}}\n    {{#if (gte @isEvent 1)}}\n    ,\n    {{/if}}\n    {{setVar 'isEvent' (add (urlParam name) @isEvent)}}\n    {{#repeat (urlParam name comma=true)}}\n      {\n        \"AccessKeyId\": \"{{ faker 'random.alphaNumeric' 20 casing='upper' }}\",\n        \"AccountId\": \"{{ faker 'random.numeric' 12 }}\",\n        \"Error\": {{error}},\n        {{#if error}}\n        \"ErrorCode\": \"{{errorCode}}\",\n\t      \"ErrorMessage\": \"{{errorMessage}}\",\n        {{/if}}\n        \"EventId\": \"{{ faker 'datatype.uuid' }}\",\n        \"EventName\": \"{{oneOf (array 'LookupEvents' 'ListInstanceAssociations' 'AssumeRoleWithWebIdentity')}}\",\n        \"EventSource\": \"{{oneOf (array 'cloudtrail.amazonaws.com' 'ssm.amazonaws.com' 'sts.amazonaws.com')}}\",\n        \"EventTime\": \"{{ faker 'date.recent' }}\",\n        \"EventType\": \"{{name}}\",\n        \"PrincipalId\": \"{{ faker 'random.alphaNumeric' 20 casing='upper' }}\",\n        \"UserName\": \"{{ faker 'internet.userName' }}\",\n        \"UserRole\": \"{{ faker 'name.jobType' }}\"\n      }\n    {{/repeat}}\n  {{/each}}\n]"
+    },
+    {
+      "uuid": "5dce6340-bade-4336-8041-50fd22570055",
+      "id": "nu28",
+      "name": "EventsTypeData",
+      "documentation": "",
+      "value": "[\n  {\n    \"name\": \"AwsApiCall\",\n    \"error\": false\n  },\n  {\n    \"name\": \"AwsServiceEvent\",\n    \"error\": false\n  },\n  {\n    \"name\": \"AwsConsoleAction\",\n    \"error\": true,\n  \t\"errorCode\": \"ThrottlingException\",\n  \t\"errorMessage\": \"Rate exceeded error\"\n  },\n  {\n    \"name\": \"AwsConsoleSignIn\",\n    \"error\": true,\n    \"errorCode\": \"LoginErrorException\",\n    \"errorMessage\": \"Login error\"\n  }\n]"
+    }
+  ]
+}