wazuh / wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
https://wazuh.com/

Release 4.8.0 - RC 1 - Ruleset Test #23308

Closed Johnng007 closed 1 week ago

Johnng007 commented 1 week ago

| Field | Value |
|---|---|
| Main release candidate issue | #23246 |
| Version | 4.8.0 |
| Release candidate # | rc 1 |
| Tag | v4.8.0-rc1 |
| Previous ruleset test | #21464 |

Johnng007 commented 1 week ago

| Component | Tested | Total | Coverage |
|---|---|---|---|
| Rules | 1381 | 4380 | 31.53% |
| Decoders | 125 | 170 | 73.53% |

[root@stockholm-centos8 testing]# python2 runtests.py
- [ File = ./tests/SonicWall.ini ] ---------
...........

- [ File = ./tests/amazon_sec_lake.ini ] ---------
....................

- [ File = ./tests/apache.ini ] ---------
............

- [ File = ./tests/api.ini ] ---------
.....................

- [ File = ./tests/apparmor.ini ] ---------
.....

- [ File = ./tests/arbor.ini ] ---------
..

- [ File = ./tests/audit_scp.ini ] ---------
........

- [ File = ./tests/auditd.ini ] ---------
...............................

- [ File = ./tests/aws_s3_access.ini ] ---------
..........

- [ File = ./tests/checkpoint_smart1.ini ] ---------
..................

- [ File = ./tests/cimserver.ini ] ---------
..

- [ File = ./tests/cisco_asa.ini ] ---------
........................................................................................

- [ File = ./tests/cisco_ftd.ini ] ---------
..........................................

- [ File = ./tests/cisco_ios.ini ] ---------
.................

- [ File = ./tests/cloudflare-waf.ini ] ---------
.............

- [ File = ./tests/cpanel.ini ] ---------
.......

- [ File = ./tests/doas.ini ] ---------
....

- [ File = ./tests/dovecot.ini ] ---------
...............

- [ File = ./tests/dropbear.ini ] ---------
...

- [ File = ./tests/eset.ini ] ---------
........

- [ File = ./tests/exchange.ini ] ---------
..

- [ File = ./tests/exim.ini ] ---------
.......

- [ File = ./tests/f5_big_ip.ini ] ---------
................................................

- [ File = ./tests/fireeye.ini ] ---------
...

- [ File = ./tests/firewalld.ini ] ---------
..

- [ File = ./tests/fortiauth.ini ] ---------
....

- [ File = ./tests/fortiddos.ini ] ---------
...

- [ File = ./tests/fortigate.ini ] ---------
.............................................

- [ File = ./tests/fortimail.ini ] ---------
......

- [ File = ./tests/freepbx.ini ] ---------
......

- [ File = ./tests/gcp.ini ] ---------
...............................

- [ File = ./tests/github.ini ] ---------
....................................................................................................................................................................................................................................................................................................................................

- [ File = ./tests/gitlab.ini ] ---------
...........................

- [ File = ./tests/glpi.ini ] ---------
...

- [ File = ./tests/huawei_usg.ini ] ---------
...

- [ File = ./tests/iptables.ini ] ---------
.........

- [ File = ./tests/junos.ini ] ---------
...

- [ File = ./tests/kernel_usb.ini ] ---------
......

- [ File = ./tests/macos.ini ] ---------
...........

- [ File = ./tests/mailscanner.ini ] ---------
.

- [ File = ./tests/mcafee_epo.ini ] ---------
.

- [ File = ./tests/modsecurity.ini ] ---------
......

- [ File = ./tests/named.ini ] ---------
.....

- [ File = ./tests/netscreen.ini ] ---------
....

- [ File = ./tests/nextcloud.ini ] ---------
........

- [ File = ./tests/nginx.ini ] ---------
............

- [ File = ./tests/office365.ini ] ---------
................................................................................................................................

- [ File = ./tests/openldap.ini ] ---------
.........

- [ File = ./tests/opensmtpd.ini ] ---------
.......

- [ File = ./tests/openvpn_ldap.ini ] ---------
..

- [ File = ./tests/oscap.ini ] ---------
................................

- [ File = ./tests/ossec.ini ] ---------
.....

- [ File = ./tests/overwrite.ini ] ---------
..........

- [ File = ./tests/owlh.ini ] ---------
....

- [ File = ./tests/paloalto.ini ] ---------
................

- [ File = ./tests/pam.ini ] ---------
.....

- [ File = ./tests/panda_paps.ini ] ---------
........

- [ File = ./tests/pfsense.ini ] ---------
..

- [ File = ./tests/php.ini ] ---------
..

- [ File = ./tests/pix.ini ] ---------
......................

- [ File = ./tests/postfix.ini ] ---------
..

- [ File = ./tests/powershell.ini ] ---------
................................

- [ File = ./tests/proftpd.ini ] ---------
.......

- [ File = ./tests/rsh.ini ] ---------
..

- [ File = ./tests/samba.ini ] ---------
....

- [ File = ./tests/sophos.ini ] ---------
........

- [ File = ./tests/sophos_fw.ini ] ---------
..........

- [ File = ./tests/squid_rules.ini ] ---------
..

- [ File = ./tests/sshd.ini ] ---------
.................................................

- [ File = ./tests/su.ini ] ---------
.....

- [ File = ./tests/sudo.ini ] ---------
........

- [ File = ./tests/syslog.ini ] ---------
......

- [ File = ./tests/sysmon.ini ] ---------
.........................

- [ File = ./tests/sysmon_eid_1.ini ] ---------
...............................................................

- [ File = ./tests/sysmon_eid_10.ini ] ---------
....

- [ File = ./tests/sysmon_eid_11.ini ] ---------
............................

- [ File = ./tests/sysmon_eid_13.ini ] ---------
.........

- [ File = ./tests/sysmon_eid_20.ini ] ---------
..

- [ File = ./tests/sysmon_eid_3.ini ] ---------
..........

- [ File = ./tests/sysmon_eid_7.ini ] ---------
......

- [ File = ./tests/sysmon_eid_8.ini ] ---------
....

- [ File = ./tests/systemd.ini ] ---------
..

- [ File = ./tests/test_expr_negation.ini ] ---------
........................................................

- [ File = ./tests/test_features.ini ] ---------
.......

- [ File = ./tests/test_osmatch_regex.ini ] ---------
......

- [ File = ./tests/test_osregex_regex.ini ] ---------
............................

- [ File = ./tests/test_pcre2_regex.ini ] ---------
.................................

- [ File = ./tests/test_static_filters.ini ] ---------
............................

- [ File = ./tests/unbound.ini ] ---------

- [ File = ./tests/vsftpd.ini ] ---------
....

- [ File = ./tests/vuln_detector.ini ] ---------
..

- [ File = ./tests/web_appsec.ini ] ---------
...............................

- [ File = ./tests/web_rules.ini ] ---------
..........

- [ File = ./tests/win_application.ini ] ---------

- [ File = ./tests/win_event_channel.ini ] ---------
........

| File | Passed | Failed | Status |
|---|---|---|---|
| ./tests/proftpd.ini | 7 | 0 | |
| ./tests/exim.ini | 7 | 0 | |
| ./tests/squid_rules.ini | 2 | 0 | |
| ./tests/sysmon_eid_3.ini | 10 | 0 | |
| ./tests/amazon_sec_lake.ini | 20 | 0 | |
| ./tests/checkpoint_smart1.ini | 18 | 0 | |
| ./tests/iptables.ini | 9 | 0 | |
| ./tests/sysmon_eid_10.ini | 4 | 0 | |
| ./tests/SonicWall.ini | 11 | 0 | |
| ./tests/panda_paps.ini | 8 | 0 | |
| ./tests/fortiauth.ini | 4 | 0 | |
| ./tests/openldap.ini | 9 | 0 | |
| ./tests/f5_big_ip.ini | 48 | 0 | |
| ./tests/sophos.ini | 8 | 0 | |
| ./tests/opensmtpd.ini | 7 | 0 | |
| ./tests/netscreen.ini | 4 | 0 | |
| ./tests/rsh.ini | 2 | 0 | |
| ./tests/arbor.ini | 2 | 0 | |
| ./tests/web_rules.ini | 10 | 0 | |
| ./tests/exchange.ini | 2 | 0 | |
| ./tests/vuln_detector.ini | 2 | 0 | |
| ./tests/sysmon_eid_7.ini | 6 | 0 | |
| ./tests/macos.ini | 11 | 0 | |
| ./tests/samba.ini | 4 | 0 | |
| ./tests/apparmor.ini | 5 | 0 | |
| ./tests/test_osmatch_regex.ini | 6 | 0 | |
| ./tests/test_features.ini | 7 | 0 | |
| ./tests/pam.ini | 5 | 0 | |
| ./tests/apache.ini | 12 | 0 | |
| ./tests/fireeye.ini | 3 | 0 | |
| ./tests/sysmon.ini | 25 | 0 | |
| ./tests/dovecot.ini | 15 | 0 | |
| ./tests/web_appsec.ini | 31 | 0 | |
| ./tests/nextcloud.ini | 8 | 0 | |
| ./tests/kernel_usb.ini | 6 | 0 | |
| ./tests/paloalto.ini | 16 | 0 | |
| ./tests/sysmon_eid_13.ini | 9 | 0 | |
| ./tests/ossec.ini | 5 | 0 | |
| ./tests/test_osregex_regex.ini | 28 | 0 | |
| ./tests/cisco_ftd.ini | 42 | 0 | |
| ./tests/sysmon_eid_1.ini | 63 | 0 | |
| ./tests/github.ini | 324 | 0 | |
| ./tests/test_pcre2_regex.ini | 33 | 0 | |
| ./tests/named.ini | 5 | 0 | |
| ./tests/powershell.ini | 32 | 0 | |
| ./tests/openvpn_ldap.ini | 2 | 0 | |
| ./tests/sysmon_eid_8.ini | 4 | 0 | |
| ./tests/cloudflare-waf.ini | 13 | 0 | |
| ./tests/huawei_usg.ini | 3 | 0 | |
| ./tests/eset.ini | 8 | 0 | |
| ./tests/test_expr_negation.ini | 56 | 0 | |
| ./tests/gcp.ini | 31 | 0 | |
| ./tests/cpanel.ini | 7 | 0 | |
| ./tests/pfsense.ini | 2 | 0 | |
| ./tests/cisco_asa.ini | 88 | 0 | |
| ./tests/systemd.ini | 2 | 0 | |
| ./tests/nginx.ini | 12 | 0 | |
| ./tests/sysmon_eid_11.ini | 28 | 0 | |
| ./tests/cisco_ios.ini | 17 | 0 | |
| ./tests/pix.ini | 22 | 0 | |
| ./tests/php.ini | 2 | 0 | |
| ./tests/office365.ini | 128 | 0 | |
| ./tests/fortigate.ini | 45 | 0 | |
| ./tests/fortimail.ini | 6 | 0 | |
| ./tests/audit_scp.ini | 8 | 0 | |
| ./tests/win_application.ini | 0 | 0 | |
| ./tests/fortiddos.ini | 3 | 0 | |
| ./tests/cimserver.ini | 2 | 0 | |
| ./tests/freepbx.ini | 6 | 0 | |
| ./tests/overwrite.ini | 10 | 0 | |
| ./tests/sshd.ini | 49 | 0 | |
| ./tests/win_event_channel.ini | 8 | 0 | |
| ./tests/gitlab.ini | 27 | 0 | |
| ./tests/glpi.ini | 3 | 0 | |
| ./tests/api.ini | 21 | 0 | |
| ./tests/dropbear.ini | 3 | 0 | |
| ./tests/firewalld.ini | 2 | 0 | |
| ./tests/mailscanner.ini | 1 | 0 | |
| ./tests/owlh.ini | 4 | 0 | |
| ./tests/sysmon_eid_20.ini | 2 | 0 | |
| ./tests/auditd.ini | 31 | 0 | |
| ./tests/mcafee_epo.ini | 1 | 0 | |
| ./tests/doas.ini | 4 | 0 | |
| ./tests/junos.ini | 3 | 0 | |
| ./tests/sudo.ini | 8 | 0 | |
| ./tests/syslog.ini | 6 | 0 | |
| ./tests/sophos_fw.ini | 10 | 0 | |
| ./tests/vsftpd.ini | 4 | 0 | |
| ./tests/postfix.ini | 2 | 0 | |
| ./tests/modsecurity.ini | 6 | 0 | |
| ./tests/su.ini | 5 | 0 | |
| ./tests/unbound.ini | 0 | 0 | |
| ./tests/aws_s3_access.ini | 10 | 0 | |
| ./tests/test_static_filters.ini | 28 | 0 | |
| ./tests/oscap.ini | 32 | 0 | |

ooniagbi commented 1 week ago

LGTM!

juliamagan commented 1 week ago

LGTM