Test Suite for Red Hat Enterprise Linux 6.1r2-Pre5

Test Suite for Red Hat Enterprise Linux 6.1r2-Pre5

Run on 2011-4-14 1302772180000


SDK Tests

# Test Name Result Details
11 Test presence of plug-in Red-Hat_Enterprise-Linux_6.1r2-Pre5.clz.zip exists and the file size is 1265356 bytes
12 Test presence of md5 file Red-Hat_Enterprise-Linux_6.1r2-Pre5.md5 exists and the file size is 78 bytes
13 Verify MD5 hash file Red-Hat_Enterprise-Linux_6.1r2-Pre5.clz.zip: OK
14 Test presence of documentation Red-Hat_Enterprise-Linux_6.1r2-Pre5.pdf file not found
15 Test version revision history
16 Test presence of EULAs 48739 EULA_en.html
17 Test presence of package xml Extracting package.xml from Red-Hat_Enterprise-Linux_6.1r2-Pre5.clz.zip... package.xml exists in the plugin and the file size is 8693 bytes
21 Test package xml format ******** package.xml is well formed ********
22 Verify files in plugin All files listed in the package.xml are present in the plugin and their md5's match
23 Verify UUID matches previous version Red-Hat_Enterprise-Linux,9634E5E0-B803-102B-9F3F-005056C00008
25 Review plug-in description This Collector parses data from Red Hat Enterprise Linux; see documentation for supported subproducts and connection modes.
26 Compare dates in package and docs
27 Test version in docs and packagexml

Plug-in Type Tests

# Test Name Result Details
11 Test presence of CollPack Red-Hat_Enterprise-Linux_6.1r2-Pre5.spz.zip file not found
12 Test presence of EULA in collpack
21 Verify single default CONNECTION METHOD Found 1 nodes: -- NODE -- SYSLOG
22 Ensure all taxonomy is valid Line TaxonomyKey,Target,SubTarget,Action,SubAction,EventTaxonomy,EventOutcome in taxonomy.map had problems: | Target unrecognized | SubAction unrecognized
24 Verify DeviceName with RV31
28 Verify Collector Pack UUID Conflict Red-Hat_Enterprise-Linux,9634E5E0-B803-102B - is unique and does not have any node-level conflicts with other collector packs
29 Verify Collector Pack Controls Control 'Global Setup' is not found in package.xml Control 'Dashboard Status' is not found in package.xml Control 'Implementation Audit Trail' is not found in package.xml Control 'Event Trends' not found in package.xml Control 'Collector Management' is not found in package.xml
31 All events should have DeviceEventTime, DeviceEventTimeString, EventName, Message, Severity 23 events matched test criteria:<br/>The following events failed this test:<br/>Line 9: et=; evt=Collector Internal Message; xdastaxname=; msg=Parsing failed: TypeError: Cannot call method "search" of undefined; input: Oct 31 12:42:12 linuxtest vsftpd[3241]: Mon Oct 31 12:42:12 2005 [pid 3241] [root] OK LOGIN: Client "127.0.0.1<br/>Line 11: et=; evt=Red Hat Enterprise Linux useradd Event; xdastaxname=; msg=useradd[17914]: new group: name=heebu123, GID=504
32 All events should have an Observer IP or hostname 23 events matched test criteria:<br/>The following events failed this test:<br/>Line 9: et=; evt=Collector Internal Message; xdastaxname=; msg=Parsing failed: TypeError: Cannot call method "search" of undefined; input: Oct 31 12:42:12 linuxtest vsftpd[3241]: Mon Oct 31 12:42:12 2005 [pid 3241] [root] OK LOGIN: Client "127.0.0.1<br/>Line 11: et=; evt=Red Hat Enterprise Linux useradd Event; xdastaxname=; msg=useradd[17914]: new group: name=heebu123, GID=504
33 All events should report the Collector name and UUID 23 events matched test criteria:<br/>All events passed.
401 Account events (create, delete, modify, enable, disable, change password) should have InitUserName 5 events matched test criteria:<br/>The following events failed this test:<br/>Line 2: et=Sat May 08 2010 11:18:57 GMT-0400 (EDT); evt=passwd: Password changed; xdastaxname=XDAS_AE_SET_CRED_ACCOUNT; msg=pam_unix(passwd:chauthtok): password changed for heebu<br/>Line 3: et=Sat May 08 2010 11:19:48 GMT-0400 (EDT); evt=passwd: Password change failed; xdastaxname=XDAS_AE_SET_CRED_ACCOUNT; msg=pam_unix(passwd:chauthtok): new password not acceptable<br/>Line 12: et=Fri May 07 2010 16:53:29 GMT-0400 (EDT); evt=useradd: Account Created Successfully; xdastaxname=XDAS_AE_CREATE_ACCOUNT; msg=new user: name=heebu123, UID=503, GID=504, home=/home/heebu123, shell=/bin/bash<br/>Line 13: et=Fri May 07 2010 16:53:51 GMT-0400 (EDT); evt=useradd: Account Created Successfully; xdastaxname=XDAS_AE_CREATE_ACCOUNT; msg=new user: name=nawaz123, UID=504, GID=504, home=/home/nawaz123, shell=/bin/bash<br/>Line 14: et=Tue May 25 2010 11:10:00 GMT-0400 (EDT); evt=userdel: User deleted; xdastaxname=XDAS_AE_DELETE_ACCOUNT; msg=delete user `Testuser2'
402 Account events (create, delete, modify, enable, disable, change password) should have TargetUserName 5 events matched test criteria:<br/>The following events failed this test:<br/>Line 2: et=Sat May 08 2010 11:18:57 GMT-0400 (EDT); evt=passwd: Password changed; xdastaxname=XDAS_AE_SET_CRED_ACCOUNT; msg=pam_unix(passwd:chauthtok): password changed for heebu<br/>Line 3: et=Sat May 08 2010 11:19:48 GMT-0400 (EDT); evt=passwd: Password change failed; xdastaxname=XDAS_AE_SET_CRED_ACCOUNT; msg=pam_unix(passwd:chauthtok): new password not acceptable<br/>Line 12: et=Fri May 07 2010 16:53:29 GMT-0400 (EDT); evt=useradd: Account Created Successfully; xdastaxname=XDAS_AE_CREATE_ACCOUNT; msg=new user: name=heebu123, UID=503, GID=504, home=/home/heebu123, shell=/bin/bash<br/>Line 13: et=Fri May 07 2010 16:53:51 GMT-0400 (EDT); evt=useradd: Account Created Successfully; xdastaxname=XDAS_AE_CREATE_ACCOUNT; msg=new user: name=nawaz123, UID=504, GID=504, home=/home/nawaz123, shell=/bin/bash<br/>Line 14: et=Tue May 25 2010 11:10:00 GMT-0400 (EDT); evt=userdel: User deleted; xdastaxname=XDAS_AE_DELETE_ACCOUNT; msg=delete user `Testuser2'
403 All account queries should have TargetUserName 0 events matched test criteria:<br/>
404 User Login events should have TargetUserName 7 events matched test criteria:<br/>The following events failed this test:<br/>Line 1: et=Thu Jan 20 2011 02:40:23 GMT-0500 (EST); evt=sshd(pam_unix): Session opened; xdastaxname=XDAS_AE_CREATE_SESSION; msg=session opened for user root by root(uid=0)<br/>Line 4: et=Thu Jan 20 2011 02:41:32 GMT-0500 (EST); evt=remote(pam_unix): Authentication failure; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=authentication failure; logname= uid=0 euid=0 tty=pts/1 ruser= rhost=172.16.12.199 <br/>Line 7: et=Thu Oct 28 2010 12:54:13 GMT-0400 (EDT); evt=unix_chkpwd: check pass; xdastaxname=XDAS_AE_CREATE_SESSION; msg=check pass; user unknown<br/>Line 8: et=Thu Oct 28 2010 13:37:03 GMT-0400 (EDT); evt=su(pam_unix): Become session opened; xdastaxname=XDAS_AE_CREATE_SESSION; msg=session opened for user root by esec(uid=500)<br/>Line 10: et=Sun Oct 31 2010 12:39:46 GMT-0400 (EDT); evt=vsftpd(pam_unix): Authentication failure; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=127.0.0.1 user=root<br/>Line 16: et=Thu Jan 20 2011 02:42:15 GMT-0500 (EST); evt=sshd: Authentication denied; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Failed password for root from ::ffff:172.16.12.199 port 32771 ssh2<br/>Line 17: et=Thu Jan 20 2011 02:42:33 GMT-0500 (EST); evt=sshd: Authentication denied; xdastaxname=XDAS_AE_AUTHENTICATE_ACCOUNT; msg=Invalid user kidddd from ::ffff:172.16.12.199
405 User Logout should have InitUserName 2 events matched test criteria:<br/>The following events failed this test:<br/>Line 15: et=Sat May 08 2010 11:42:36 GMT-0400 (EDT); evt=su: Become session closed; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=pam_unix(su-l:session): session closed for user heebu<br/>Line 23: et=Tue May 25 2010 18:28:59 GMT-0400 (EDT); evt=crond(pam_unix): Session closed; xdastaxname=XDAS_AE_TERMINATE_SESSION; msg=session closed for user root
411 Trust events (create, delete, modify) should have InitUserName 2 events matched test criteria:<br/>The following events failed this test:<br/>Line 21: et=Tue May 25 2010 11:10:01 GMT-0400 (EDT); evt=groupdel: Group deleted; xdastaxname=XDAS_AE_DELETE_TRUST; msg=remove group `Testuser2'<br/>Line 22: et=Tue May 25 2010 10:45:06 GMT-0400 (EDT); evt=groupadd: Group added; xdastaxname=XDAS_AE_CREATE_TRUST; msg=new group: name=newgroup1, gid=535
412 Trust events (create, delete, modify) should have TargetTrustName 2 events matched test criteria:<br/>The following events failed this test:<br/>Line 21: et=Tue May 25 2010 11:10:01 GMT-0400 (EDT); evt=groupdel: Group deleted; xdastaxname=XDAS_AE_DELETE_TRUST; msg=remove group `Testuser2'<br/>Line 22: et=Tue May 25 2010 10:45:06 GMT-0400 (EDT); evt=groupadd: Group added; xdastaxname=XDAS_AE_CREATE_TRUST; msg=new group: name=newgroup1, gid=535
413 Trust events (query) should have TargetTrustName 0 events matched test criteria:<br/>
414 Trust events (associate, deassociate) should have InitUserName 0 events matched test criteria:<br/>
415 Trust events (associate, deassociate) should have TargetTrustName and TargetUserName 0 events matched test criteria:<br/>
416 Resource access to trust (grant, revoke) should have InitUserName 0 events matched test criteria:<br/>
417 Resource access to trust (grant, revoke) should have TargetTrustName and TargetDataName 0 events matched test criteria:<br/>
418 Resource access to user (grant, revoke) should have InitUserName 0 events matched test criteria:<br/>
419 Resource access to user (grant, revoke) should have TargetUserName and TargetDataName 0 events matched test criteria:<br/>
421 DataItem events (create, delete, modify) should have InitUserName 0 events matched test criteria:<br/>
422 DataItem events (create, delete, modify) should have TargetDataName 0 events matched test criteria:<br/>
423 DataItem events (open, close, modify, query) should have InitUserName 0 events matched test criteria:<br/>
424 DataItem events (open, close, modify, query) should have TargetDataName 0 events matched test criteria:<br/>
425 DataItem query attributes event should have TargetDataName 0 events matched test criteria:<br/>
431 Session Modification events should have InitUserName 0 events matched test criteria:<br/>
441 System events (start, shutdown) should have InitUserName 0 events matched test criteria:<br/>
442 System events (start, shutdown) should have TargetHostName or TargetIP 0 events matched test criteria:<br/>
443 Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have InitUserName 4 events matched test criteria:<br/>The following events failed this test:<br/>Line 6: et=Thu Jan 20 2011 02:46:21 GMT-0500 (EST); evt=xinetd: START: telnet; xdastaxname=XDAS_AE_ENABLE_SERVICE; msg=START: telnet pid=3375 from=172.16.12.199<br/>Line 18: et=Thu May 13 2010 12:36:12 GMT-0400 (EDT); evt=crontab: BEGIN EDIT; xdastaxname=XDAS_AE_INVOKE_SERVICE; msg=(root) BEGIN EDIT (root)<br/>Line 19: et=Thu May 13 2010 12:25:52 GMT-0400 (EDT); evt=anacron: Service started; xdastaxname=XDAS_AE_INVOKE_SERVICE; msg=Anacron 2.3 started on 2009-05-13<br/>Line 20: et=Thu May 13 2010 12:57:51 GMT-0400 (EDT); evt=crond: Cronjob Running; xdastaxname=XDAS_AE_INVOKE_SERVICE; msg=(root) CMD (run-parts /etc/cron.hourly)
444 Service events (install, remove, enable, disable, invoke, terminate, config, modify) should have TargetServiceName 4 events matched test criteria:<br/>The following events failed this test:<br/>Line 6: et=Thu Jan 20 2011 02:46:21 GMT-0500 (EST); evt=xinetd: START: telnet; xdastaxname=XDAS_AE_ENABLE_SERVICE; msg=START: telnet pid=3375 from=172.16.12.199
445 Service events (config, query) should have TargetServiceName 0 events matched test criteria:<br/>
451 Resource events (backup) should have InitUserName 0 events matched test criteria:<br/>
452 Resource events (backup) should have TargetDataName 0 events matched test criteria:<br/>
453 Resource events (corrupt, exhaust) should have TargetDataName 0 events matched test criteria:<br/>
461 All WorkFlow events should have TargetDataName and TargetDataContainer 0 events matched test criteria:<br/>
471 Malware infected events should have TargetDataName 0 events matched test criteria:<br/>
472 Malware infected events should have TargetHostName or TargetIP 0 events matched test criteria:<br/>

Release Tests

# Test Name Result Details

Comparison Tests

Comparison of this version with previous prototype/beta version.

Line # Field Event from 6.1r2-Pre4 Event from 6.1r2-Pre5

Comparison of this version with previous released version.