fix amides tests
ekneg54 committed Oct 16, 2023
1 parent c42c782 commit 68dd339
Showing 1 changed file with 0 additions and 11 deletions.
11 changes: 0 additions & 11 deletions tests/unit/processor/amides/test_amides.py
Expand Up @@ -26,7 +26,6 @@ class TestAmides(BaseProcessorTestCase):

def test_process_event_malicious_process_command_line(self):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0
document = {
"winlog": {
"event_id": 1,
Expand All @@ -36,7 +35,6 @@ def test_process_event_malicious_process_command_line(self):
}

self.object.process(document)
assert self.object.metrics.number_of_processed_events == 1

result = document.get("amides")
assert result
Expand All @@ -53,7 +51,6 @@ def test_process_event_malicious_process_command_line(self):

def test_process_event_benign_process_command_line(self):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0
document = {
"winlog": {
"event_id": 1,
Expand All @@ -62,7 +59,6 @@ def test_process_event_benign_process_command_line(self):
},
}
self.object.process(document)
assert self.object.metrics.number_of_processed_events == 1
result = document.get("amides")
assert result
assert result["confidence"] < self.CONFIG.get("decision_threshold") and not result.get(
Expand All @@ -85,10 +81,8 @@ def test_process_event_benign_process_command_line(self):
@pytest.mark.parametrize("document", no_pc_events)
def test_process_event_no_process_creation_events(self, document):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0

self.object.process(document)
assert self.object.metrics.number_of_processed_events == 1
assert not document.get("amides")
assert self.object.metrics.total_cmdlines == 0
assert self.object.metrics.new_results == 0
Expand All @@ -99,14 +93,12 @@ def test_process_event_no_process_creation_events(self, document):

def test_process_event_without_command_line_field(self):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0
document = {
"winlog": {"event_id": 1, "provider_name": "Microsoft-Windows-Sysmon"},
"some": {"random": "data"},
}

self.object.process(document)
assert self.object.metrics.number_of_processed_events == 1
assert not document.get("amides")
assert self.object.metrics.total_cmdlines == 0
assert self.object.metrics.new_results == 0
Expand All @@ -117,7 +109,6 @@ def test_process_event_without_command_line_field(self):

def test_classification_results_from_cache(self):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0
document = {
"winlog": {
"event_id": 1,
Expand All @@ -129,7 +120,6 @@ def test_classification_results_from_cache(self):

self.object.process(document)
self.object.process(other_document)
assert self.object.metrics.number_of_processed_events == 2

assert other_document.get("amides") == document.get("amides")
assert self.object.metrics.total_cmdlines == 2
Expand All @@ -142,7 +132,6 @@ def test_classification_results_from_cache(self):

def test_process_event_raise_duplication_error(self, caplog):
self.object.setup()
assert self.object.metrics.number_of_processed_events == 0
document = {
"winlog": {
"event_id": 1,
