Test Suite for NetIQ UNIX Agent 2011.1r3

Test Suite for NetIQ UNIX Agent 2011.1r3

Run on 2013-4-24 1366849610000

Summary Results

Suite Total Pass Warn Fail
Plug-in Tests
Type-specific Tests
Release-specific Tests
Regression against previous build
Regression against previous release

1. Plug-in Tests

# Test Name Result Details

2. Type-specific Tests

# Test Name Result Details
12486941 Verify there is a single default CONNECTION METHOD All 1 Matched Events Passed
12487891 CollPack spz.zip file should exist in build folder No Events Matched the Match Condition. ERROR: java.lang.RuntimeException: SOLUTION_PACK package type does not exist. Required files do not exist. Verify this was not a Production Build, if it was this indicates a build problem

12487901 Test presence of EULA in collpack No Events Matched the Match Condition. ERROR: java.lang.RuntimeException: SOLUTION_PACK package type does not exist. Required files do not exist. Verify this was not a Production Build, if it was this indicates a build problem

12487911 Validate format and content from columns of Taxonomy.map All 1 Matched Events Passed
12487921 Collector Pack controls and Collector Controls must be present in package.xml from collpack No Events Matched the Match Condition. ERROR: java.lang.RuntimeException: SOLUTION_PACK package type does not exist. Required files do not exist. Verify this was not a Production Build, if it was this indicates a build problem

31 All events should have DeviceEventTime, DeviceEventTimeString, EventName, Message, Severity All 63 Matched Events Passed
33 All events should report the Collector name and UUID No Events Matched the Match Condition. PluginTestObject.formattedResultMessage


3. Release-specific Tests

# Test Name Result Details
12874921 Secure Shell Server Error event should properly map when received by Unix Agent All 1 Matched Events Passed
12907441 sulog group started event should properly map when received by Unix Agent All 1 Matched Events Passed
12907442 sulog rule group terminated event should properly map when received by Unix Agent All 1 Matched Events Passed
12916801 wtmp User logout event should properly map when received by Unix Agent All 1 Matched Events Passed
12916811 wtmp User login event should properly map when received by Unix Agent All 1 Matched Events Passed
12916841 wtmp Detect rules started event should properly map when received by Unix Agent All 1 Matched Events Passed
12916842 btmp Detect rules started event should properly map when received by Unix Agent All 1 Matched Events Passed
12916843 network Detect rules started event should properly map when received by Unix Agent All 1 Matched Events Passed
12916844 filesystem Detect rules started event should properly map when received by Unix Agent All 1 Matched Events Passed
12916845 pacct event Detect rules started should properly map when received by Unix Agent All 1 Matched Events Passed
12916846 syslog event Detect rules started should properly map when received by Unix Agent 0 events passed out of 1 events matching the Match Condition:

Failed test on line 31: . From event syslog event Detect rules started should properly map when received by Unix Agent "Observer Host Name" was "unknown-host" but was expected to be "unknown-host". Test Result: fail

12916847 Linux event Detect rules started should properly map when received by Unix Agent All 1 Matched Events Passed
12916848 aix event Detect rules started should properly map when received by Unix Agent All 1 Matched Events Passed
12916851 wtmp Detect rule group terminated event should properly map when received by Unix Agent All 1 Matched Events Passed
12916852 btmp group terminated event should properly map when received by Unix Agent All 1 Matched Events Passed
12916853 network group terminated event should properly map when received by Unix Agent All 1 Matched Events Passed
12916854 filesystem group terminated event should properly map when received by Unix Agent All 1 Matched Events Passed
12916855 pacct event group terminated should properly map when received by Unix Agent All 1 Matched Events Passed
12916856 syslog event Detect rule group terminated should properly map when received by Unix Agent 0 events passed out of 1 events matching the Match Condition:

Failed test on line 32: . From event syslog event Detect rule group terminated should properly map when received by Unix Agent "Observer Host Name" was "unknown-host" but was expected to be "unknown-host". Test Result: fail

12916857 Linux event Detect rule group terminated should properly map when received by Unix Agent All 1 Matched Events Passed
12916858 aix event Detect rule group terminated should properly map when received by Unix Agent All 1 Matched Events Passed
12916861 btmp Failed UNIX login event should properly map when received by Unix Agent All 1 Matched Events Passed
12916862 syslog event Failed UNIX login should properly map when received by Unix Agent All 1 Matched Events Passed
12916863 linux event Failed UNIX login should properly map when received by Unix Agent All 1 Matched Events Passed
12923331 filesystem Batch Authorization Changed event should properly map when received by Unix Agent All 1 Matched Events Passed
12923332 filesystem Batch Configuration Changed event should properly map when received by Unix Agent All 1 Matched Events Passed
12923351 filesystem event New or modified set-user-id file should properly map when received by Unix Agent All 1 Matched Events Passed
12923361 filesystem event System configuration file modified should properly map when received by Unix Agent All 1 Matched Events Passed
12923371 filesystem event User Password Changed should properly map when received by Unix Agent All 1 Matched Events Passed
12925931 filesystem event New or modified executable file should properly map when received by Unix Agent All 1 Matched Events Passed
12928821 filesystem event Log File Size Decreased should properly map when received by Unix Agent All 1 Matched Events Passed
12931331 pacct event Detects that TCP or UDP is running should properly map when received by Unix Agent All 1 Matched Events Passed
12931541 pacct event Critical system commands run by non-root should properly map when received by Unix Agent All 1 Matched Events Passed
12931551 pacct event System hacking tools being used should properly map when received by Unix Agent All 1 Matched Events Passed
12935701 syslog event Failed su should properly map when received by Unix Agent All 1 Matched Events Passed
12935721 syslog event Network Promiscuous Mode Detected should properly map when received by Unix Agent All 1 Matched Events Passed
12935801 syslog event Successful su to Root should properly map when received by Unix Agent All 1 Matched Events Passed
12935802 syslog event Successful su to myuser should properly map when received by Unix Agent All 1 Matched Events Passed
12935803 aix event Detects executions of the su command should properly map when received by Unix Agent All 1 Matched Events Passed
12941491 syslog event Changed Ethernet Address should properly map when received by Unix Agent All 1 Matched Events Passed
12941501 syslog event Flip-flop Ethernet Address should properly map when received by Unix Agent All 1 Matched Events Passed
12941511 syslog event Reused Ethernet Address should properly map when received by Unix Agent All 1 Matched Events Passed
12941521 syslog event Execute From Stack Attempted should properly map when received by Unix Agent All 1 Matched Events Passed
12941541 syslog event Internet Service Server (inetd) Errors should properly map when received by Unix Agent All 1 Matched Events Passed
12941581 syslog event TCP Wrapper Errors should properly map when received by Unix Agent All 1 Matched Events Passed
12941611 event File system is full should properly map when received by Unix Agent All 1 Matched Events Passed
12941621 event FTP Server Errors should properly map when received by Unix Agent All 1 Matched Events Passed
12941651 syslog event Unsafe Code Detected in Detect Rule Set should properly map when received by Unix Agent All 1 Matched Events Passed
12941671 syslog event Mail redirection should properly map when received by Unix Agent All 1 Matched Events Passed
12941701 Linux event Application Attempted to Set uid or euid should properly map when received by Unix Agent All 1 Matched Events Passed
12942111 linux event File System Object Modified by Non-Root User should properly map when received by Unix Agent All 1 Matched Events Passed
12942112 aix event File System Object Modified by Non-Root User should properly map when received by Unix Agent All 1 Matched Events Passed
12954481 linux event File System Object Modified by Root User should properly map when received by Unix Agent All 1 Matched Events Passed
12954482 aix event File System Object Modified by Root User should properly map when received by Unix Agent All 1 Matched Events Passed
12964231 event Root runs non-root executable should properly map when received by Unix Agent All 1 Matched Events Passed
12964251 event Clock Changed should properly map when received by Unix Agent All 1 Matched Events Passed
12964301 event Root executed world-writable file should properly map when received by Unix Agent All 1 Matched Events Passed
13026191 aix event file file \/etc\/security\/audit\/config modified should properly map when received by Unix Agent All 1 Matched Events Passed
13026211 aix event Detects execution of the audit command should properly map when received by Unix Agent All 1 Matched Events Passed
13026221 aix event AIX User Group Changed should properly map when received by Unix Agent All 1 Matched Events Passed
13026241 aix event AIX File Permissions Changed should properly map when received by Unix Agent All 1 Matched Events Passed
13029601 aix event AIX User Group Created should properly map when received by Unix Agent All 1 Matched Events Passed
13030481 aix event AIX User Account Created should properly map when received by Unix Agent All 1 Matched Events Passed

4. Regression Tests

Comparison of this version with previous prototype/beta version:

Comparison of this version with previous released version: