Skip to content

Commit 97587da

Browse files
ajasnoszajasnosz
authored
chore: add netapp tests (#2705)
* chore: add netapp test * chore: update netapp config * chore: fix typo
1 parent 124804b commit 97587da

File tree

4 files changed

+79
-6
lines changed

4 files changed

+79
-6
lines changed

package/etc/conf.d/conflib/netsource/app-netsource-netapp_ontap.conf

Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,26 @@ block parser app-netsource-netapp_ontap() {
3434
class('audit')
3535
);
3636
};
37+
} elif {
38+
parser {
39+
regexp-parser(
40+
prefix(".tmp.")
41+
patterns('\[(?<host>[^:]+):(?<category>[^:]+):(?<severity>[^\]]+)\]: (?<message>.*)')
42+
template("${MESSAGE}")
43+
);
44+
};
45+
rewrite {
46+
set('${.tmp.message}' value('MESSAGE'));
47+
set('${.tmp.host}' value('HOST'));
48+
set('${.tmp.category}' value('fields.category'));
49+
set('${.tmp.severity}' value('fields.severity'));
50+
};
51+
rewrite {
52+
r_set_splunk_dest_update_v2(
53+
sourcetype('netapp:ontap:ems')
54+
class('ems')
55+
);
56+
};
3757
} else {
3858
rewrite {
3959
r_set_splunk_dest_update_v2(
@@ -46,10 +66,10 @@ block parser app-netsource-netapp_ontap() {
4666
};
4767

4868
application app-netsource-netapp_ontap[sc4s-network-source] {
49-
filter {
69+
filter {
5070
match("netapp", value('.netsource.sc4s_vendor'), type(string))
5171
and match("ontap", value('.netsource.sc4s_product'), type(string))
5272
and "`SC4S_NETAPP_ONTAP_NEW_FORMAT`" eq "yes"
53-
};
73+
};
5474
parser { app-netsource-netapp_ontap(); };
55-
};
75+
};

package/etc/test_parsers/app-vps-test-netapp_ontap.conf

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,7 @@
11
application app-vps-test-netapp_ontap[sc4s-vps] {
22
filter {
33
host("netapp-ontap-" type(string) flags(prefix))
4+
or message("[netapp-ontap-" type(string) flags(prefix))
45
or (
56
message("netapp-ontap-" type(string) flags(prefix))
67
and program("netapp-ontap-" type(string) flags(prefix))

package/lite/etc/addons/netapp/app-netsource-netapp_ontap.conf

Lines changed: 23 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,26 @@ block parser app-netsource-netapp_ontap() {
3434
class('audit')
3535
);
3636
};
37+
} elif {
38+
parser {
39+
regexp-parser(
40+
prefix(".tmp.")
41+
patterns('\[(?<host>[^:]+):(?<category>[^:]+):(?<severity>[^\]]+)\]: (?<message>.*)')
42+
template("${MESSAGE}")
43+
);
44+
};
45+
rewrite {
46+
set('${.tmp.message}' value('MESSAGE'));
47+
set('${.tmp.host}' value('HOST'));
48+
set('${.tmp.category}' value('fields.category'));
49+
set('${.tmp.severity}' value('fields.severity'));
50+
};
51+
rewrite {
52+
r_set_splunk_dest_update_v2(
53+
sourcetype('netapp:ontap:ems')
54+
class('ems')
55+
);
56+
};
3757
} else {
3858
rewrite {
3959
r_set_splunk_dest_update_v2(
@@ -46,10 +66,10 @@ block parser app-netsource-netapp_ontap() {
4666
};
4767

4868
application app-netsource-netapp_ontap[sc4s-network-source] {
49-
filter {
69+
filter {
5070
match("netapp", value('.netsource.sc4s_vendor'), type(string))
5171
and match("ontap", value('.netsource.sc4s_product'), type(string))
5272
and "`SC4S_NETAPP_ONTAP_NEW_FORMAT`" eq "yes"
53-
};
73+
};
5474
parser { app-netsource-netapp_ontap(); };
55-
};
75+
};

tests/test_netapp.py

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -87,4 +87,36 @@ def test_netapp_ontap_ems_rfc5424(
8787
record_property("resultCount", result_count)
8888
record_property("message", message)
8989

90+
assert result_count == 1
91+
92+
93+
# Netapp Ontap EMS event
94+
# <13>Feb 10 11:36:10 [cluster-01:secd.conn.auth.failure:notice]: Vserver (datavserver) could not make a connection over the network to server (ip 2.3.3.3, port 389). Error: Operation timed out (Service: LDAP (Active Directory), Operation: SiteDiscovery).
95+
@pytest.mark.addons("netapp")
96+
def test_netapp_ontap_ems(
97+
record_property, get_host_key, setup_splunk, setup_sc4s
98+
):
99+
host = "netapp-ontap-" + get_host_key
100+
101+
dt = datetime.datetime.now(datetime.timezone.utc)
102+
_, bsd, _, _, _, _, epoch = time_operations(dt)
103+
104+
# Tune time functions
105+
epoch = epoch[:-7]
106+
mt = env.from_string(
107+
"{{ mark }}{{ bsd }} [{{ host }}:{{ category }}:{{ severity }}]: Vserver (datavserver) could not make a connection over the network to server (ip 2.3.3.3, port 389). Error: Operation timed out (Service: LDAP (Active Directory), Operation: SiteDiscovery)")
108+
message = mt.render(mark="<13>", bsd=bsd, host=host, category="secd.conn.auth.failure", severity="notice")
109+
sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
110+
111+
st = env.from_string(
112+
'search index=infraops _time={{ epoch }} sourcetype="netapp:ontap:ems" host="{{ host }}"'
113+
)
114+
search = st.render(epoch=epoch, host=host)
115+
116+
result_count, _ = splunk_single(setup_splunk, search)
117+
118+
record_property("host", host)
119+
record_property("resultCount", result_count)
120+
record_property("message", message)
121+
90122
assert result_count == 1

0 commit comments

Comments
 (0)