private static SensorEnrichmentConfig findConfigBySensorType(SourceConfigHandler scHandler, Map<String, SensorEnrichmentConfig> sourceConfigsChanged, String key) throws Exception { SensorEnrichmentConfig config = sourceConfigsChanged.get(key); if(config == null) { config = scHandler.readConfig(key); if(LOG.isDebugEnabled()) { LOG.debug(config.toJSON()); } } return config; }
@Override public void persistConfig(String sensor, SensorEnrichmentConfig config) throws Exception { ConfigurationsUtils.writeSensorEnrichmentConfigToZookeeper(sensor, config.toJSON().getBytes(), client); } }
@Test public void testSerDe() throws IOException { for(File enrichmentConfig : new File(new File(TestConstants.ENRICHMENTS_CONFIGS_PATH), "enrichments").listFiles()) { SensorEnrichmentConfig config = null; try (BufferedReader br = new BufferedReader(new FileReader(enrichmentConfig))) { String parserStr = IOUtils.toString(br); config = SensorEnrichmentConfig.fromBytes(parserStr.getBytes()); } SensorEnrichmentConfig config2 = SensorEnrichmentConfig.fromBytes(config.toJSON().getBytes()); Assert.assertEquals(config2, config); } } }
Assert.assertNotNull(outputScs.get("bro")); Assert.assertNotSame(outputScs.get("bro"), broSc); Assert.assertEquals( outputScs.get("bro").toJSON() , ((List<String>)outputScs.get("bro").getEnrichment().getFieldMap().get(Constants.SIMPLE_HBASE_ENRICHMENT)).size() , 2 ); Assert.assertTrue( outputScs.get("bro").toJSON() , ((List<String>)outputScs.get("bro").getEnrichment().getFieldMap() .get(Constants.SIMPLE_HBASE_ENRICHMENT)) .contains("ip_src_addr") ); Assert.assertTrue( outputScs.get("bro").toJSON() , ((List<String>)outputScs.get("bro").getEnrichment().getFieldMap() .get(Constants.SIMPLE_HBASE_ENRICHMENT)) .contains("ip_dst_addr") ); Assert.assertEquals( outputScs.get("bro").toJSON() , outputScs.get("bro").getEnrichment().getFieldToTypeMap().keySet().size() , 2 ); Assert.assertEquals( outputScs.get("bro").toJSON() , ((List<String>)(outputScs.get("bro").getEnrichment().getFieldToTypeMap().get("ip_src_addr"))).size() , 1 ); Assert.assertEquals( outputScs.get("bro").toJSON() , ((List<String>)(outputScs.get("bro").getEnrichment().getFieldToTypeMap().get("ip_src_addr"))).get(0) , "playful" ); Assert.assertEquals( outputScs.get("bro").toJSON()
Assert.assertNotNull(finalEnrichmentConfig.get("bro")); Assert.assertNotSame(finalEnrichmentConfig.get("bro"), broSc); Assert.assertEquals( finalEnrichmentConfig.get("bro").toJSON() , ((List<String>)finalEnrichmentConfig.get("bro").getThreatIntel().getFieldMap().get(Constants.SIMPLE_HBASE_THREAT_INTEL)).size() , 2 ); Assert.assertEquals(1, finalEnrichmentConfig.get("bro").getThreatIntel().getTriageConfig().getRiskLevelRules().size()); Assert.assertTrue( finalEnrichmentConfig.get("bro").toJSON() , ((List<String>)finalEnrichmentConfig.get("bro").getThreatIntel().getFieldMap() .get(Constants.SIMPLE_HBASE_THREAT_INTEL)) .contains("ip_src_addr") ); Assert.assertTrue( finalEnrichmentConfig.get("bro").toJSON() , ((List<String>)finalEnrichmentConfig.get("bro").getThreatIntel().getFieldMap() .get(Constants.SIMPLE_HBASE_THREAT_INTEL)) .contains("ip_dst_addr") ); Assert.assertEquals( finalEnrichmentConfig.get("bro").toJSON() , finalEnrichmentConfig.get("bro").getThreatIntel().getFieldToTypeMap().keySet().size() , 2 ); Assert.assertEquals( finalEnrichmentConfig.get("bro").toJSON() , ((List<String>)(finalEnrichmentConfig.get("bro").getThreatIntel().getFieldToTypeMap().get("ip_src_addr"))).size() , 2 ); Assert.assertTrue( finalEnrichmentConfig.get("bro").toJSON() , ((List<String>)(finalEnrichmentConfig.get("bro").getThreatIntel().getFieldToTypeMap().get("ip_src_addr"))).contains("playful") ); Assert.assertTrue( finalEnrichmentConfig.get("bro").toJSON()