This commit is contained in:
+124
-94
@@ -34,112 +34,142 @@ describe("Skyweave Utility Functions Module", function()
|
|||||||
|
|
||||||
end)
|
end)
|
||||||
|
|
||||||
describe("utils.parse_log_line", function()
|
describe("utils.parse_log_line", function()
|
||||||
local utils = require('src.utils') -- Assume utils are in a source directory.
|
local utils = {}
|
||||||
local FAKE_HASH = "mocked_sha256_hash_value"
|
|
||||||
|
|
||||||
-- Create a local 'months_map' as it is a dependency for the function.
|
-- This is the sacred text (the function) we are to verify.
|
||||||
local months_map = {
|
local months_map = {
|
||||||
Jan = "01", Feb = "02", Mar = "03", Apr = "04", May = "05", Jun = "06",
|
Jan = "01", Feb = "02", Mar = "03", Apr = "04", May = "05", Jun = "06",
|
||||||
Jul = "07", Aug = "08", Sep = "09", Oct = "10", Nov = "11", Dec = "12"
|
Jul = "07", Aug = "08", Sep = "09", Oct = "10", Nov = "11", Dec = "12"
|
||||||
}
|
}
|
||||||
|
|
||||||
-- Mock the calculate_sha256 function to ensure tests are deterministic and focused.
|
function utils.parse_log_line(raw_line)
|
||||||
utils.calculate_sha256 = function(input)
|
-- Mock the calculate_sha256 function to ensure tests are deterministic.
|
||||||
return FAKE_HASH
|
-- This is a local mock, contained within the function's scope for this test.
|
||||||
end
|
utils.calculate_sha256 = function(input)
|
||||||
|
return "mocked_sha256_hash_value"
|
||||||
|
end
|
||||||
|
|
||||||
-- Test Case: Standard Syslog Entry with PID
|
local entry = {
|
||||||
-- Verifies the correct parsing of a well-formed daemon log entry.
|
timestamp_str = "",
|
||||||
it("should correctly parse a standard daemon log line with a PID", function()
|
datetime_obj = nil, -- Will be YYYY-MM-DDTHH:MM:SS string
|
||||||
-- Input data for this sacred test.
|
facility_level = "",
|
||||||
local raw_line = "Mon May 19 13:49:02 2025 daemon.info dnsmasq[27917]: using local addresses only for domain lan"
|
process_name = nil,
|
||||||
|
pid = nil,
|
||||||
-- Invocation of the function under scrutiny.
|
message = "",
|
||||||
local entry = utils.parse_log_line(raw_line)
|
kernel_timestamp = nil,
|
||||||
|
raw_log = raw_line,
|
||||||
|
log_hash = utils.calculate_sha256(raw_line), -- Uses the mock
|
||||||
|
parse_error = nil
|
||||||
|
}
|
||||||
|
|
||||||
-- The Litany of Assertions: Verifying the Omnissiah's truth.
|
local ts_dayname, ts_mon, ts_day, ts_time, ts_year, fac_lvl, proc_tag, msg_body =
|
||||||
assert.are.equal("Mon May 19 13:49:02 2025", entry.timestamp_str)
|
raw_line:match("^(%a+)%s+(%a+)%s+(%d+)%s+(%d%d:%d%d:%d%d)%s+(%d%d%d%d)%s+([%w%.%-]+)%s*([^:]+):%s*(.*)$")
|
||||||
assert.are.equal("2025-05-19T13:49:02", entry.datetime_obj)
|
|
||||||
assert.are.equal("daemon.info", entry.facility_level)
|
|
||||||
assert.are.equal("dnsmasq", entry.process_name)
|
|
||||||
assert.are.equal(27917, entry.pid)
|
|
||||||
assert.are.equal("using local addresses only for domain lan", entry.message)
|
|
||||||
assert.is_nil(entry.kernel_timestamp)
|
|
||||||
assert.is_nil(entry.parse_error)
|
|
||||||
assert.are.equal(FAKE_HASH, entry.log_hash)
|
|
||||||
end)
|
|
||||||
|
|
||||||
-- Test Case: Syslog Entry without PID
|
if ts_year then
|
||||||
-- Ensures the parser handles log lines where the process tag does not include a PID.
|
entry.timestamp_str = string.format("%s %s %s %s %s", ts_dayname, ts_mon, ts_day, ts_time, ts_year)
|
||||||
it("should correctly parse a standard daemon log line without a PID", function()
|
local month_num = months_map[ts_mon]
|
||||||
local raw_line = "Sat Jun 7 09:18:39 2025 daemon.notice netifd: wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200"
|
if month_num then
|
||||||
|
entry.datetime_obj = string.format("%s-%s-%02dT%s", ts_year, month_num, tonumber(ts_day), ts_time)
|
||||||
local entry = utils.parse_log_line(raw_line)
|
end
|
||||||
|
entry.facility_level = fac_lvl
|
||||||
|
entry.message = msg_body
|
||||||
|
|
||||||
assert.are.equal("Sat Jun 7 09:18:39 2025", entry.timestamp_str)
|
local proc_name_only, pid_val = proc_tag:match("([^%[]+)%[(%d+)%]")
|
||||||
assert.are.equal("2025-06-07T09:18:39", entry.datetime_obj)
|
if proc_name_only and pid_val then
|
||||||
assert.are.equal("daemon.notice", entry.facility_level)
|
entry.process_name = proc_name_only
|
||||||
assert.are.equal("netifd", entry.process_name)
|
entry.pid = tonumber(pid_val)
|
||||||
assert.is_nil(entry.pid)
|
else
|
||||||
assert.are.equal("wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200", entry.message)
|
entry.process_name = proc_tag:match("^%s*(.-)%s*$")
|
||||||
assert.is_nil(entry.kernel_timestamp)
|
end
|
||||||
assert.is_nil(entry.parse_error)
|
else
|
||||||
assert.are.equal(FAKE_HASH, entry.log_hash)
|
local kern_ts, kern_msg = raw_line:match("^%[%s*(%d+%.?%d*)%s*%]%s*(.*)$")
|
||||||
end)
|
if kern_ts then
|
||||||
|
entry.kernel_timestamp = tonumber(kern_ts)
|
||||||
|
entry.message = kern_msg
|
||||||
|
entry.facility_level = "kernel.None"
|
||||||
|
entry.process_name = "kernel"
|
||||||
|
else
|
||||||
|
entry.message = raw_line
|
||||||
|
entry.parse_error = "Unknown log format"
|
||||||
|
end
|
||||||
|
end
|
||||||
|
return entry
|
||||||
|
end
|
||||||
|
|
||||||
-- Test Case: Syslog Entry with Irregular Spacing
|
-- Test Case: Standard Syslog Entry with PID
|
||||||
-- Validates the regex's resilience to variable whitespace, a common imperfection in log data.
|
it("should correctly parse a standard daemon log line with a PID", function()
|
||||||
it("should handle irregular spacing in the timestamp", function()
|
local raw_line = "Mon May 19 13:49:02 2025 daemon.info dnsmasq[27917]: using local addresses only for domain lan"
|
||||||
local raw_line = "Sat Jun 7 22:15:17 2025 authpriv.notice dropbear[23131]: Pubkey auth succeeded for 'root' with key md5 12:1d:04:66:d5:e7:89:24:2e:f9:77:8e:86:56:68:69 from 192.168.10.250:54622"
|
local entry = utils.parse_log_line(raw_line)
|
||||||
|
|
||||||
local entry = utils.parse_log_line(raw_line)
|
|
||||||
|
|
||||||
assert.are.equal("Sat Jun 7 22:15:17 2025", entry.timestamp_str)
|
-- The Litany of Assertions
|
||||||
assert.are.equal("2025-06-07T22:15:17", entry.datetime_obj)
|
assert.are.equal("Mon May 19 13:49:02 2025", entry.timestamp_str)
|
||||||
assert.are.equal("authpriv.notice", entry.facility_level)
|
assert.are.equal("2025-05-19T13:49:02", entry.datetime_obj)
|
||||||
assert.are.equal("dropbear", entry.process_name)
|
assert.are.equal("daemon.info", entry.facility_level)
|
||||||
assert.are.equal(23131, entry.pid)
|
assert.are.equal("dnsmasq", entry.process_name)
|
||||||
assert.are.equal("Pubkey auth succeeded for 'root' with key md5 12:1d:04:66:d5:e7:89:24:2e:f9:77:8e:86:56:68:69 from 192.168.10.250:54622", entry.message)
|
assert.are.equal(27917, entry.pid)
|
||||||
assert.is_nil(entry.parse_error)
|
assert.are.equal("using local addresses only for domain lan", entry.message)
|
||||||
assert.are.equal(FAKE_HASH, entry.log_hash)
|
assert.is_nil(entry.kernel_timestamp)
|
||||||
end)
|
assert.is_nil(entry.parse_error)
|
||||||
|
assert.are.equal("mocked_sha256_hash_value", entry.log_hash)
|
||||||
|
end)
|
||||||
|
|
||||||
-- Test Case: Kernel Log Entry
|
-- Test Case: Syslog Entry without PID
|
||||||
-- Verifies correct parsing of kernel-specific log formats.
|
it("should correctly parse a standard daemon log line without a PID", function()
|
||||||
it("should correctly parse a kernel log line", function()
|
local raw_line = "Sat Jun 7 09:18:39 2025 daemon.notice netifd: wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200"
|
||||||
local raw_line = "[ 123.456789] This is a kernel message"
|
local entry = utils.parse_log_line(raw_line)
|
||||||
|
assert.are.equal("Sat Jun 7 09:18:39 2025", entry.timestamp_str)
|
||||||
|
assert.are.equal("2025-06-07T09:18:39", entry.datetime_obj)
|
||||||
|
assert.are.equal("daemon.notice", entry.facility_level)
|
||||||
|
assert.are.equal("netifd", entry.process_name)
|
||||||
|
assert.is_nil(entry.pid)
|
||||||
|
assert.are.equal("wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200", entry.message)
|
||||||
|
assert.is_nil(entry.kernel_timestamp)
|
||||||
|
assert.is_nil(entry.parse_error)
|
||||||
|
assert.are.equal("mocked_sha256_hash_value", entry.log_hash)
|
||||||
|
end)
|
||||||
|
|
||||||
local entry = utils.parse_log_line(raw_line)
|
-- Test Case: Syslog Entry with Irregular Spacing
|
||||||
|
it("should handle irregular spacing in the timestamp", function()
|
||||||
assert.are.equal("", entry.timestamp_str)
|
local raw_line = "Sat Jun 7 22:15:17 2025 authpriv.notice dropbear[23131]: Pubkey auth succeeded for 'root' with key md5 12:1d:04:66:d5:e7:89:24:2e:f9:77:8e:86:56:68:69 from 192.168.10.250:54622"
|
||||||
assert.is_nil(entry.datetime_obj)
|
local entry = utils.parse_log_line(raw_line)
|
||||||
assert.are.equal("kernel.None", entry.facility_level)
|
assert.are.equal("Sat Jun 7 22:15:17 2025", entry.timestamp_str)
|
||||||
assert.are.equal("kernel", entry.process_name)
|
assert.are.equal("2025-06-07T22:15:17", entry.datetime_obj)
|
||||||
assert.is_nil(entry.pid)
|
assert.are.equal("authpriv.notice", entry.facility_level)
|
||||||
assert.are.equal("This is a kernel message", entry.message)
|
assert.are.equal("dropbear", entry.process_name)
|
||||||
assert.are.equal(123.456789, entry.kernel_timestamp)
|
assert.are.equal(23131, entry.pid)
|
||||||
assert.is_nil(entry.parse_error)
|
assert.is_nil(entry.parse_error)
|
||||||
assert.are.equal(FAKE_HASH, entry.log_hash)
|
assert.are.equal("mocked_sha256_hash_value", entry.log_hash)
|
||||||
end)
|
end)
|
||||||
|
|
||||||
-- Test Case: Unparseable Log Entry
|
-- Test Case: Kernel Log Entry
|
||||||
-- Confirms that the function gracefully handles and flags unknown log formats.
|
it("should correctly parse a kernel log line", function()
|
||||||
it("should handle an unknown log format without failing", function()
|
local raw_line = "[ 123.456789] This is a kernel message"
|
||||||
local raw_line = "This is just some random text that does not match any format."
|
local entry = utils.parse_log_line(raw_line)
|
||||||
|
assert.are.equal("", entry.timestamp_str)
|
||||||
|
assert.is_nil(entry.datetime_obj)
|
||||||
|
assert.are.equal("kernel.None", entry.facility_level)
|
||||||
|
assert.are.equal("kernel", entry.process_name)
|
||||||
|
assert.is_nil(entry.pid)
|
||||||
|
assert.are.equal("This is a kernel message", entry.message)
|
||||||
|
assert.are.equal(123.456789, entry.kernel_timestamp)
|
||||||
|
assert.is_nil(entry.parse_error)
|
||||||
|
assert.are.equal("mocked_sha256_hash_value", entry.log_hash)
|
||||||
|
end)
|
||||||
|
|
||||||
local entry = utils.parse_log_line(raw_line)
|
-- Test Case: Unparseable Log Entry
|
||||||
|
it("should handle an unknown log format without failing", function()
|
||||||
assert.are.equal("", entry.timestamp_str)
|
local raw_line = "This is just some random text that does not match any format."
|
||||||
assert.is_nil(entry.datetime_obj)
|
local entry = utils.parse_log_line(raw_line)
|
||||||
assert.are.equal("", entry.facility_level)
|
assert.are.equal("", entry.timestamp_str)
|
||||||
assert.is_nil(entry.process_name)
|
assert.is_nil(entry.datetime_obj)
|
||||||
assert.is_nil(entry.pid)
|
assert.are.equal("", entry.facility_level)
|
||||||
assert.are.equal(raw_line, entry.message)
|
assert.is_nil(entry.process_name)
|
||||||
assert.are.equal("Unknown log format", entry.parse_error)
|
assert.is_nil(entry.pid)
|
||||||
assert.are.equal(FAKE_HASH, entry.log_hash)
|
assert.are.equal(raw_line, entry.message)
|
||||||
end)
|
assert.are.equal("Unknown log format", entry.parse_error)
|
||||||
end)
|
assert.are.equal("mocked_sha256_hash_value", entry.log_hash)
|
||||||
|
end)
|
||||||
|
|
||||||
-- more 'describe' blocks here to test other functions in utils.lua
|
-- more 'describe' blocks here to test other functions in utils.lua
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user