コード例 #1
  /**
   * Walks a Windows Registry monitoring input through create, read, update and delete.
   *
   * <p>The body only runs when the connected server reports its OS name as exactly
   * {@code "Windows"} and {@code service.versionCompare("4.3")} is not negative; in every
   * other case the method returns without asserting anything, so a pass on such a server
   * says nothing about registry inputs.
   *
   * <p>The input is created with {@code disabled=true}, hive {@code HKEY_USERS} and the
   * wildcard {@code "*"} for both {@code proc} and {@code type}.
   */
  @Test
  public void testWindowsRegistryInputCrud() {
    Service service = connect();
    InputCollection inputs = service.getInputs();
    ServiceInfo serviceInfo = service.getInfo();

    // Guard clauses: wrong platform or too-old server means there is nothing to test.
    if (!serviceInfo.getOsName().equals("Windows")) {
      return;
    }
    if (service.versionCompare("4.3") < 0) {
      return;
    }

    final String inputName = "sdk-input-wr";

    // Remove an input of the same name if one is already present (for example one left
    // behind by a run that failed before its own cleanup), then confirm it is gone.
    if (inputs.containsKey(inputName)) {
      inputs.remove(inputName);
      inputs.refresh();
    }
    assertFalse(assertRoot + "#71", inputs.containsKey(inputName));

    // Create: the input is registered disabled.
    // NOTE(review): presumably a disabled input collects no registry events while the
    // test runs; confirm against the server's input semantics.
    Args createArgs = new Args();
    createArgs.put("disabled", true);
    createArgs.put("baseline", false);
    createArgs.put("hive", "HKEY_USERS");
    createArgs.put("proc", "*");
    createArgs.put("type", "*");
    inputs.create(inputName, InputKind.WindowsRegistry, createArgs);
    assertTrue(assertRoot + "#72", inputs.containsKey(inputName));

    WindowsRegistryInput registryInput = (WindowsRegistryInput) inputs.get(inputName);

    // First update: route to the "main" index and turn on sub-node monitoring.
    // NOTE(review): monitorSubnodes is written here but no assertion in this method
    // reads it back, so a setter that silently drops the value would go unnoticed.
    registryInput.setIndex("main");
    registryInput.setMonitorSubnodes(true);
    registryInput.update();

    assertFalse(assertRoot + "#73", registryInput.getBaseline());
    assertEquals(assertRoot + "#74", "main", registryInput.getIndex());

    // Second update: replace the wildcard event type with an explicit list.
    registryInput.setType("create,delete");
    registryInput.setBaseline(false);
    registryInput.update();

    // proc was not touched by either update, so it must still be the wildcard.
    assertEquals(assertRoot + "#75", "*", registryInput.getProc());
    String eventTypes = registryInput.getType();
    assertTrue(assertRoot + "#76", eventTypes.contains("create"));
    // getType() is called a second time on purpose, mirroring one read per assertion.
    assertTrue(assertRoot + "#77", registryInput.getType().contains("delete"));
    assertFalse(assertRoot + "#78", registryInput.getBaseline());

    // Delete, and verify the collection no longer lists the input after a refresh.
    registryInput.remove();
    inputs.refresh();
    assertFalse(assertRoot + "#79", inputs.containsKey(inputName));
  }
コード例 #2
  /**
   * Calls the kind-specific getters of {@code input} and throws the results away.
   *
   * <p>The input is down-cast according to {@link Input#getKind()} and each getter listed
   * for that kind is invoked once, in a fixed order. Nothing is asserted about the
   * returned values, so this only detects getters that throw; a getter returning a wrong
   * value passes unnoticed. Kinds without a {@code case} below are skipped silently
   * because the switch has no {@code default} branch.
   *
   * @param input the input whose getters are exercised; its runtime class must match the
   *     kind it reports, otherwise the cast raises {@link ClassCastException}
   */
  private void touchSpecificInput(Input input) {
    InputKind kind = input.getKind();

    switch (kind) {
      case Monitor: {
        MonitorInput monitor = (MonitorInput) input;
        monitor.getBlacklist();
        monitor.getCrcSalt();
        monitor.getFileCount();
        monitor.getFollowTail();
        monitor.getHost();
        monitor.getHostRegex();
        monitor.getIgnoreOlderThan();
        monitor.getIndex();
        monitor.getQueue();
        monitor.getRcvBuf();
        monitor.getRecursive();
        monitor.getSource();
        monitor.getSourceType();
        monitor.getTimeBeforeClose();
        monitor.getWhitelist();
        break;
      }
      case Script: {
        ScriptInput script = (ScriptInput) input;
        script.getEndTime();
        script.getGroup();
        script.getHost();
        script.getIndex();
        script.getInterval();
        script.getRcvBuf();
        script.getStartTime();
        break;
      }
      case Tcp: {
        TcpInput tcp = (TcpInput) input;
        tcp.getConnectionHost();
        tcp.getGroup();
        tcp.getHost();
        tcp.getIndex();
        tcp.getQueue();
        tcp.getRcvBuf();
        tcp.getRestrictToHost();
        tcp.getSource();
        tcp.getSourceType();
        tcp.getSSL();
        // The connections sub-resource is fetched after the input's own getters.
        TcpConnections tcpPeers = tcp.connections();
        tcpPeers.getConnection();
        tcpPeers.getServername();
        break;
      }
      case TcpSplunk: {
        TcpSplunkInput cooked = (TcpSplunkInput) input;
        cooked.getConnectionHost();
        cooked.getGroup();
        cooked.getHost();
        cooked.getIndex();
        cooked.getQueue();
        cooked.getRcvBuf();
        cooked.getSource();
        cooked.getSourceType();
        cooked.getSSL();
        TcpConnections cookedPeers = cooked.connections();
        cookedPeers.getConnection();
        cookedPeers.getServername();
        break;
      }
      case Udp: {
        UdpInput udp = (UdpInput) input;
        udp.getConnectionHost();
        udp.getGroup();
        udp.getHost();
        udp.getIndex();
        udp.getQueue();
        udp.getRcvBuf();
        udp.getSource();
        udp.getSourceType();
        udp.getNoAppendingTimeStamp();
        udp.getNoPriorityStripping();
        UdpConnections udpPeers = udp.connections();
        udpPeers.getGroup();
        break;
      }
      case WindowsActiveDirectory: {
        WindowsActiveDirectoryInput activeDirectory = (WindowsActiveDirectoryInput) input;
        activeDirectory.getIndex();
        activeDirectory.getMonitorSubtree();
        activeDirectory.getStartingNode();
        activeDirectory.getTargetDc();
        break;
      }
      case WindowsEventLog: {
        WindowsEventLogInput eventLog = (WindowsEventLogInput) input;
        eventLog.getHosts();
        eventLog.getIndex();
        eventLog.getLocalName();
        eventLog.getLogs();
        eventLog.getLookupHost();
        break;
      }
      case WindowsPerfmon: {
        WindowsPerfmonInput perfmon = (WindowsPerfmonInput) input;
        perfmon.getCounters();
        perfmon.getIndex();
        perfmon.getInstances();
        perfmon.getInterval();
        perfmon.getObject();
        break;
      }
      case WindowsRegistry: {
        WindowsRegistryInput registry = (WindowsRegistryInput) input;
        registry.getBaseline();
        registry.getHive();
        registry.getIndex();
        registry.getMonitorSubnodes();
        registry.getProc();
        registry.getType();
        break;
      }
      case WindowsWmi: {
        WindowsWmiInput wmi = (WindowsWmiInput) input;
        wmi.getClasses();
        wmi.getFields();
        wmi.getIndex();
        wmi.getInstances();
        wmi.getInterval();
        wmi.getLocalName();
        wmi.getLookupHost();
        wmi.getServers();
        wmi.getWql();
        break;
      }
    }
  }