From 6463a3d4ab20874ae40120e42247ab7dfbeede9a Mon Sep 17 00:00:00 2001 From: Wesley Ray Date: Thu, 12 Jun 2025 21:23:37 -0400 Subject: [PATCH] new test for log parser --- spec/utisl_spec.lua | 108 +++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 107 insertions(+), 1 deletion(-) diff --git a/spec/utisl_spec.lua b/spec/utisl_spec.lua index 251c520..20a5db2 100755 --- a/spec/utisl_spec.lua +++ b/spec/utisl_spec.lua @@ -12,7 +12,6 @@ describe("Skyweave Utility Functions Module", function() it("should correctly parse a single key-value pair", function() local query = "get_config=network_config" local expected = { get_config = "network_config" } - -- 'assert' is used to check if the result matches our expectation. assert.are.same(expected, utils.parse_query_string(query)) end) @@ -35,6 +34,113 @@ describe("Skyweave Utility Functions Module", function() end) + describe("utils.parse_log_line", function() + local utils = require('src.utils') -- Assume utils are in a source directory. + local FAKE_HASH = "mocked_sha256_hash_value" + + -- Create a local 'months_map' as it is a dependency for the function. + local months_map = { + Jan = "01", Feb = "02", Mar = "03", Apr = "04", May = "05", Jun = "06", + Jul = "07", Aug = "08", Sep = "09", Oct = "10", Nov = "11", Dec = "12" + } + + -- Mock the calculate_sha256 function to ensure tests are deterministic and focused. + utils.calculate_sha256 = function(input) + return FAKE_HASH + end + + -- Test Case: Standard Syslog Entry with PID + -- Verifies the correct parsing of a well-formed daemon log entry. + it("should correctly parse a standard daemon log line with a PID", function() + -- Input data for this sacred test. + local raw_line = "Mon May 19 13:49:02 2025 daemon.info dnsmasq[27917]: using local addresses only for domain lan" + + -- Invocation of the function under scrutiny. + local entry = utils.parse_log_line(raw_line) + + -- The Litany of Assertions: Verifying the Omnissiah's truth. + assert.are.equal("Mon May 19 13:49:02 2025", entry.timestamp_str) + assert.are.equal("2025-05-19T13:49:02", entry.datetime_obj) + assert.are.equal("daemon.info", entry.facility_level) + assert.are.equal("dnsmasq", entry.process_name) + assert.are.equal(27917, entry.pid) + assert.are.equal("using local addresses only for domain lan", entry.message) + assert.is_nil(entry.kernel_timestamp) + assert.is_nil(entry.parse_error) + assert.are.equal(FAKE_HASH, entry.log_hash) + end) + + -- Test Case: Syslog Entry without PID + -- Ensures the parser handles log lines where the process tag does not include a PID. + it("should correctly parse a standard daemon log line without a PID", function() + local raw_line = "Sat Jun 7 09:18:39 2025 daemon.notice netifd: wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200" + + local entry = utils.parse_log_line(raw_line) + + assert.are.equal("Sat Jun 7 09:18:39 2025", entry.timestamp_str) + assert.are.equal("2025-06-07T09:18:39", entry.datetime_obj) + assert.are.equal("daemon.notice", entry.facility_level) + assert.are.equal("netifd", entry.process_name) + assert.is_nil(entry.pid) + assert.are.equal("wan (17408): udhcpc: lease of 192.168.18.70 obtained, lease time 7200", entry.message) + assert.is_nil(entry.kernel_timestamp) + assert.is_nil(entry.parse_error) + assert.are.equal(FAKE_HASH, entry.log_hash) + end) + + -- Test Case: Syslog Entry with Irregular Spacing + -- Validates the regex's resilience to variable whitespace, a common imperfection in log data. + it("should handle irregular spacing in the timestamp", function() + local raw_line = "Sat Jun 7 22:15:17 2025 authpriv.notice dropbear[23131]: Pubkey auth succeeded for 'root' with key md5 12:1d:04:66:d5:e7:89:24:2e:f9:77:8e:86:56:68:69 from 192.168.10.250:54622" + + local entry = utils.parse_log_line(raw_line) + + assert.are.equal("Sat Jun 7 22:15:17 2025", entry.timestamp_str) + assert.are.equal("2025-06-07T22:15:17", entry.datetime_obj) + assert.are.equal("authpriv.notice", entry.facility_level) + assert.are.equal("dropbear", entry.process_name) + assert.are.equal(23131, entry.pid) + assert.are.equal("Pubkey auth succeeded for 'root' with key md5 12:1d:04:66:d5:e7:89:24:2e:f9:77:8e:86:56:68:69 from 192.168.10.250:54622", entry.message) + assert.is_nil(entry.parse_error) + assert.are.equal(FAKE_HASH, entry.log_hash) + end) + + -- Test Case: Kernel Log Entry + -- Verifies correct parsing of kernel-specific log formats. + it("should correctly parse a kernel log line", function() + local raw_line = "[ 123.456789] This is a kernel message" + + local entry = utils.parse_log_line(raw_line) + + assert.are.equal("", entry.timestamp_str) + assert.is_nil(entry.datetime_obj) + assert.are.equal("kernel.None", entry.facility_level) + assert.are.equal("kernel", entry.process_name) + assert.is_nil(entry.pid) + assert.are.equal("This is a kernel message", entry.message) + assert.are.equal(123.456789, entry.kernel_timestamp) + assert.is_nil(entry.parse_error) + assert.are.equal(FAKE_HASH, entry.log_hash) + end) + + -- Test Case: Unparseable Log Entry + -- Confirms that the function gracefully handles and flags unknown log formats. + it("should handle an unknown log format without failing", function() + local raw_line = "This is just some random text that does not match any format." + + local entry = utils.parse_log_line(raw_line) + + assert.are.equal("", entry.timestamp_str) + assert.is_nil(entry.datetime_obj) + assert.are.equal("", entry.facility_level) + assert.is_nil(entry.process_name) + assert.is_nil(entry.pid) + assert.are.equal(raw_line, entry.message) + assert.are.equal("Unknown log format", entry.parse_error) + assert.are.equal(FAKE_HASH, entry.log_hash) + end) + end) + -- more 'describe' blocks here to test other functions in utils.lua end) \ No newline at end of file