*** Settings *** Library Collections Library RequestsLibrary Library String Library json Resource ../../../03-Variable/Bifangapivariable.txt Resource ForTwoKeywords.robot Resource ../Common.robot Resource ../policy_object/Log.robot *** Keywords *** Dashboard-Validation-Traffic [Documentation] ... 描述:Traffic统计验证 ... 每条线的所有的总量平均是否和traffic的对应数量一致; ... 每个点的ALL是否大于IN和OUT; ... 数据涉及三种类型:Bytes、Packets、Sessions ... 参数:starttime(必传,开始时间紧) ... endtime(必传,结束时间) ... timeGranularity 统计粒度,单位秒,仅用于趋势查询sql缺省为30秒 ... 返回:对比结果 [Arguments] ${starttime} ${endtime} ${timeGranularity} ${data} Set Variable startTime=${startTime}&endTime=${endTime} ${data} Run Keyword If "${timeGranularity}"!="${EMPTY}" Set Variable ${data}&timeGranularity=${timeGranularity} ... ELSE Set Variable ${data} ${url1} Set Variable report/traffic/statisticsbyunit ${bfResponse} TrafficBFRequest ${url1} ${data} #bytes ${trafficInBytes} Set Variable ${bfResponse['data']['trafficInBytes']} ${trafficInBytesList} Set Variable ${bfResponse['data']['trafficInBytesList']} ${trafficOutBytes} Set Variable ${bfResponse['data']['trafficOutBytes']} ${trafficOutBytesList} Set Variable ${bfResponse['data']['trafficOutBytesList']} ${trafficTotalBytes} Set Variable ${bfResponse['data']['trafficTotalBytes']} ${trafficTotalBytesList} Set Variable ${bfResponse['data']['trafficTotalBytesList']} #Packets ${trafficInPackets} Set Variable ${bfResponse['data']['trafficInPackets']} ${trafficInPacketsList} Set Variable ${bfResponse['data']['trafficInPacketsList']} ${trafficOutPackets} Set Variable ${bfResponse['data']['trafficOutPackets']} ${trafficOutPacketsList} Set Variable ${bfResponse['data']['trafficOutPacketsList']} ${trafficTotalPackets} Set Variable ${bfResponse['data']['trafficTotalPackets']} ${trafficTotalPacketsList} Set Variable ${bfResponse['data']['trafficTotalPacketsList']} #sessions ${sessions} Set Variable ${bfResponse['data']['sessions']} ${sessionsList} Set Variable ${bfResponse['data']['sessionsList']} #每条线的所有的总量平均是否和traffic的对应数量一致; ${trafficBytesCalTotal} Evaluate ${trafficInBytes}+${trafficOutBytes} Should Be True ${trafficTotalBytes}==${trafficBytesCalTotal} ${trafficPacketsCalTotal} Evaluate ${trafficInPackets}+${trafficOutPackets} Should Be True ${trafficTotalPackets}==${trafficPacketsCalTotal} #每个点的ALL是否大于IN和OUT; ${len} Get Length ${trafficTotalBytesList} ${index} Set Variable ${0} FOR ${trafficTotalBytes} IN @{trafficTotalBytesList} ${totalValue} Get From Dictionary ${trafficTotalBytes} statisticsNum ${inValue} Get From Dictionary ${trafficInBytesList[${index}]} statisticsNum ${outValue} Get From Dictionary ${trafficOutBytesList[${index}]} statisticsNum Should Be True ${totalValue}>=${inValue} Should Be True ${totalValue}>=${outValue} ${index} Evaluate ${index}+1 END ${index} Set Variable ${0} FOR ${trafficTotalPackets} IN @{trafficTotalPacketsList} ${totalValue} Get From Dictionary ${trafficTotalPackets} statisticsNum ${inValue} Get From Dictionary ${trafficInPacketsList[${index}]} statisticsNum ${outValue} Get From Dictionary ${trafficOutPacketsList[${index}]} statisticsNum Should Be True ${totalValue}>=${inValue} Should Be True ${totalValue}>=${outValue} ${index} Evaluate ${index}+1 END [Return] OK Dashboard-Validation-Policy-Hits [Documentation] ... Policy Hits by Action涉及验证 ... 数据涉及三种类型:Bytes、Packets、Sessions ... 每条线的各个时间点总量和对应action一致; ... 参数:starttime(必传,开始时间紧) ... endtime(必传,结束时间) ... orderBy 排序方式 ... logType(必填,日志类型) [Arguments] ${starttime} ${endtime} ${logType} ${orderBy} ${data} Set Variable logType=${logType}&startTime=${startTime}&endTime=${endTime} ${data} Run Keyword If "${orderBy}"!="${EMPTY}" Set Variable ${data}&orderBy=${orderBy} ... ELSE Set Variable ${data} ${url1} Set Variable report/policyevent/hit/action ${bfResponse} TrafficBFRequest ${url1} ${data} ${actionCount} Set Variable ${bfResponse['data']['actionCount']} ${DefaultCount} Set Variable ${EMPTY} ${AllowCount} Set Variable ${EMPTY} ${DenyCount} Set Variable ${EMPTY} ${MonitorCount} Set Variable ${EMPTY} ${InterceptCount} Set Variable ${EMPTY} FOR ${action} IN @{actionCount} ${DefaultCount} Run Keyword If "${action['action']}"=="Default" and "${DefaultCount}"=="${EMPTY}" Set Variable ${action} ... ELSE Set Variable ${DefaultCount} ${AllowCount} Run Keyword If "${action['action']}"=="Allow" and "${AllowCount}"=="${EMPTY}" Set Variable ${action} ... ELSE Set Variable ${AllowCount} ${DenyCount} Run Keyword If "${action['action']}"=="Deny" and "${DenyCount}"=="${EMPTY}" Set Variable ${action} ... ELSE Set Variable ${DenyCount} ${MonitorCount} Run Keyword If "${action['action']}"=="Monitor" and "${MonitorCount}"=="${EMPTY}" Set Variable ${action} ... ELSE Set Variable ${MonitorCount} ${InterceptCount} Run Keyword If "${action['action']}"=="Intercept" and "${InterceptCount}"=="${EMPTY}" Set Variable ${action} ... ELSE Set Variable ${InterceptCount} END ${trendList} Set Variable ${bfResponse['data']['trendList']} ${DefaultSessions} Set Variable ${0} ${DefaultBytes} Set Variable ${0} ${DefaultPackets} Set Variable ${0} ${AllowSessions} Set Variable ${0} ${AllowBytes} Set Variable ${0} ${AllowPackets} Set Variable ${0} ${DenySessions} Set Variable ${0} ${DenyBytes} Set Variable ${0} ${DenyPackets} Set Variable ${0} ${MonitorSessions} Set Variable ${0} ${MonitorBytes} Set Variable ${0} ${MonitorPackets} Set Variable ${0} ${InterceptSessions} Set Variable ${0} ${InterceptBytes} Set Variable ${0} ${InterceptPackets} Set Variable ${0} FOR ${treand} IN @{trendList} ${action} Get From Dictionary ${treand} action ${sessions} Get From Dictionary ${treand} sessions ${bytes} Get From Dictionary ${treand} bytes ${packets} Get From Dictionary ${treand} packets ${DefaultSessions} Run Keyword If "${action}"=="Default" Evaluate ${DefaultSessions}+${sessions} ... ELSE Set Variable ${DefaultSessions} ${DefaultBytes} Run Keyword If "${action}"=="Default" Evaluate ${DefaultBytes}+${bytes} ... ELSE Set Variable ${DefaultBytes} ${DefaultPackets} Run Keyword If "${action}"=="Default" Evaluate ${DefaultPackets}+${packets} ... ELSE Set Variable ${DefaultPackets} ${AllowSessions} Run Keyword If "${action}"=="Allow" Evaluate ${AllowSessions}+${sessions} ... ELSE Set Variable ${AllowSessions} ${AllowBytes} Run Keyword If "${action}"=="Allow" Evaluate ${AllowBytes}+${bytes} ... ELSE Set Variable ${AllowBytes} ${AllowPackets} Run Keyword If "${action}"=="Allow" Evaluate ${AllowPackets}+${packets} ... ELSE Set Variable ${AllowPackets} ${DenySessions} Run Keyword If "${action}"=="Deny" Evaluate ${DenySessions}+${sessions} ... ELSE Set Variable ${DenySessions} ${DenyBytes} Run Keyword If "${action}"=="Deny" Evaluate ${DenyBytes}+${bytes} ... ELSE Set Variable ${DenyBytes} ${DenyPackets} Run Keyword If "${action}"=="Deny" Evaluate ${DenyPackets}+${packets} ... ELSE Set Variable ${DenyPackets} ${MonitorSessions} Run Keyword If "${action}"=="Monitor" Evaluate ${MonitorSessions}+${sessions} ... ELSE Set Variable ${MonitorSessions} ${MonitorBytes} Run Keyword If "${action}"=="Monitor" Evaluate ${MonitorBytes}+${bytes} ... ELSE Set Variable ${MonitorBytes} ${MonitorPackets} Run Keyword If "${action}"=="Monitor" Evaluate ${MonitorPackets}+${packets} ... ELSE Set Variable ${MonitorPackets} ${InterceptSessions} Run Keyword If "${action}"=="Intercept" Evaluate ${InterceptSessions}+${sessions} ... ELSE Set Variable ${InterceptSessions} ${InterceptBytes} Run Keyword If "${action}"=="Intercept" Evaluate ${InterceptBytes}+${bytes} ... ELSE Set Variable ${InterceptBytes} ${InterceptPackets} Run Keyword If "${action}"=="Intercept" Evaluate ${InterceptPackets}+${packets} ... ELSE Set Variable ${InterceptPackets} END Should Be True ${DefaultCount['sessions']}==${DefaultSessions} Should Be True ${DefaultCount['packets']}==${DefaultPackets} Should Be True ${DefaultCount['bytes']}==${DefaultBytes} Should Be True ${AllowCount['sessions']}==${AllowSessions} Should Be True ${AllowCount['packets']}==${AllowPackets} Should Be True ${AllowCount['bytes']}==${AllowBytes} Should Be True ${DenyCount['sessions']}==${DenySessions} Should Be True ${DenyCount['packets']}==${DenyPackets} Should Be True ${DenyCount['bytes']}==${DenyBytes} Should Be True ${MonitorCount['sessions']}==${MonitorSessions} Should Be True ${MonitorCount['packets']}==${MonitorPackets} Should Be True ${MonitorCount['bytes']}==${MonitorBytes} Should Be True ${InterceptCount['sessions']}==${InterceptSessions} Should Be True ${InterceptCount['packets']}==${InterceptPackets} Should Be True ${InterceptCount['bytes']}==${InterceptBytes} [Return] OK Dashboard-Validation-Hits-Action [Documentation] ... security_event_log支持的action:Allow、Deny、Monitor、Intercept ... proxy_event_log支持的sub action:Allow、Deny、Monitor、Redirect、Replace、Hijack、Insert ... 到原始日志对应时间范围内对应动作比对,使用差值比对,即差的绝对值小于某个阈值参数; ... 支持security_event_log,proxy_event_log ... proxy_event_log只对sessions进行比对 ... security_event_log会进行sessions,bytes,packages三种数据的比对 ... 参数:starttime(必传,开始时间紧) ... endtime(必传,结束时间) ... orderBy 排序方式 ... logType(必填,日志类型) ... originalLogTye(必填,原始日志日志类型) ... action(必填,动作) [Arguments] ${starttime} ${endtime} ${logType} ${originalLogTye} ${action} ${data} Set Variable logType=${logType}&startTime=${startTime}&endTime=${endTime} ${url1} Set Variable report/policyevent/hit/action ${bfResponse} TrafficBFRequest ${url1} ${data} ${actionCount} Set Variable ${bfResponse['data']['actionCount']} ${actionTotal} Set Variable ${EMPTY} FOR ${action1} IN @{actionCount} ${actionTotal} Run Keyword If "${action}"=="${action1['action']}" and "${actionTotal}"=="${EMPTY}" Set Variable ${action1} ... ELSE Set Variable ${actionTotal} END Run Keyword If "${actionTotal}"=="${EMPTY}" Fail 不支持的action ${action} ${conditions} Run Keyword If "${action}"=="Allow" and "${originalLogTye}"=="security_event_log" Set Variable common_action|int|=|128 ... ELSE IF "${action}"=="Allow" and "${originalLogTye}"=="proxy_event_log" Set Variable common_sub_action|string|exactly|allow ... ELSE IF "${action}"=="Deny" and "${originalLogTye}"=="security_event_log" Set Variable common_action|int|=|16 ... ELSE IF "${action}"=="Deny" and "${originalLogTye}"=="proxy_event_log" Set Variable common_sub_action|string|exactly|deny ... ELSE IF "${action}"=="Monitor" and "${originalLogTye}"=="security_event_log" Set Variable common_action|int|=|1 ... ELSE IF "${action}"=="Monitor" and "${originalLogTye}"=="proxy_event_log" Set Variable common_sub_action|string|exactly|monitor ... ELSE IF "${action}"=="Intercept" Set Variable common_action|int|=|2 ... ELSE IF "${action}"=="Redirect" Set Variable common_sub_action|string|exactly|redirect ... ELSE IF "${action}"=="Replace" Set Variable common_sub_action|string|exactly|replace ... ELSE IF "${action}"=="Hijack" Set Variable common_sub_action|string|exactly|hijack ... ELSE IF "${action}"=="Insert" Set Variable common_sub_action|string|exactly|insert ... ELSE Set Variable ${EMPTY} ${params} Create Dictionary logType=${originalLogTye} start_common_recv_time=${startTime} end_common_recv_time=${endTime} conditions=${conditions} ${response} QueryLogs ${params} count ${sessionsTotal} Set Variable ${response['total']} ${sessionsAbs} Evaluate abs(${sessionsTotal}-${actionTotal['sessions']}) Run Keyword And Return If "${originalLogTye}"=="proxy_event_log" Should Be True ${sessionsAbs}<=${hitsAbs} Set To Dictionary ${params} pageNo=1 pageSize=${response['total']} ... fields=common_c2s_pkt_num|long,common_s2c_pkt_num|long,common_c2s_byte_num|long,common_s2c_byte_num|long conditions=${conditions} ${response} QueryLogs ${params} list #计算Allow 的bytes,packets ${calBytes} Set Variable ${0} ${calPackets} Set Variable ${0} FOR ${item} IN @{response['list']} ${bytes} Evaluate ${item['common_c2s_byte_num']}+${item['common_s2c_byte_num']} ${packets} Evaluate ${item['common_c2s_pkt_num']}+${item['common_s2c_pkt_num']} ${calBytes} Evaluate ${calBytes}+${bytes} ${calPackets} Evaluate ${calPackets}+${packets} END ${bytesAbs} Evaluate abs(${calBytes}-${actionTotal['bytes']}) ${packetsAbs} Evaluate abs(${calPackets}-${actionTotal['packets']}) Should Be True ${bytesAbs}<=${hitsAbs} Should Be True ${packetsAbs}<=${hitsAbs} [Return] OK Top-Hits-Validation [Documentation] ... 使用对应时间范围内对应策略id原始数据比对,使用差值比对,即差的绝对值小于某个阈值参数; ... top只能使用整点5分钟内数据比较,例如11:20-11:25,不能使用11:11-11:06这样的时间范围 ... 参数:starttime(必传,开始时间紧) ... endtime(必传,结束时间) ... limit topN的N ... logType(必填,日志类型) ... originalLogTye(必填,原始日志日志类型) [Arguments] ${starttime} ${endtime} ${logType} ${limit} ${originalLogTye} ${data} Set Variable logType=${logType}&startTime=${startTime}&endTime=${endTime}&limit=${limit} ${url1} Set Variable report/policyevent/hit/topn ${bfResponse} TrafficBFRequest ${url1} ${data} ${list} Set Variable ${bfResponse['data']['list']} FOR ${item} IN @{list} ${policyId} Get From Dictionary ${item} policyId ${sessions} Get From Dictionary ${item} sessions ${params} Create Dictionary logType=${originalLogTye} start_common_recv_time=${startTime} end_common_recv_time=${endTime} conditions=common_policy_id|int||${policyId} ${response} QueryLogs ${params} count ${sessionsTotal} Set Variable ${response['total']} ${sessionsAbs} Evaluate abs(${sessionsTotal}-${sessions}) Should Be True ${sessionsAbs}<=${hitsAbs} END [Return] OK Traffic-TopN-X-Validation [Documentation] ... 使用对应时间范围内对应策略ClientIP原始数据比对,使用差值比对,即差的绝对值小于某个阈值参数; ... top只能使用整点5分钟内数据比较,例如11:20-11:25,不能使用11:11-11:06这样的时间范围; ... 数据涉及三种类型:Bytes、Packets、Sessions; ... 注意通联日志数量较大,必须限制5分钟范围之内 ... URL TOPN不支持比对 ... 参数:starttime(必传,开始时间紧) ... endtime(必传,结束时间) ... limit topN的N,因为通联日志不支持url条件查询 ... orderBy(必填,排序依据:sessions、bytes、packets) ... uri(必填topN接口url最后一段) [Arguments] ${uri} ${starttime} ${endtime} ${orderBy} ${limit} #关注的统计维度,注意url只有sessions ${caredDimension} Run Keyword If "${uri}"=="clientip" Set Variable clientIp ... ELSE IF "${uri}"=="serverip" Set Variable serverIp ... ELSE IF "${uri}"=="domain" Set Variable domain ... ELSE IF "${uri}"=="subscriberid" Set Variable subscriberid ... ELSE IF "${uri}"=="url" Fail 不支持URL维度的统计对比,因为通联日志不支持url条件查询 ... ELSE Fail 不支持的统计维度${uri} ${data} Set Variable orderBy=${orderBy}&startTime=${startTime}&endTime=${endTime}&limit=${limit} ${url1} Set Variable report/traffic/topn/${uri} ${bfResponse} TrafficBFRequest ${url1} ${data} ${list} Set Variable ${bfResponse['data']['list']} ${dimensionKeywords} Set Variable ${EMPTY} ${dimensionDict} Create Dictionary ${dimensionList} Create List FOR ${item} IN @{list} ${dimensionKeyword} Set Variable ${item['${caredDimension}']} ${dimensionKeywords} Set Variable ${dimensionKeywords}^${dimensionKeyword} ${sessions} Get From Dictionary ${item} sessions ${bytes} Run Keyword If "${caredDimension}"!="url" Get From Dictionary ${item} totalBytes ... ELSE Set Variable ${0} ${packets} Run Keyword If "${caredDimension}"!="url" Get From Dictionary ${item} totalPackets ... ELSE Set Variable ${0} ${dict} Create Dictionary sessions=${sessions} bytes=${bytes} packets=${packets} ... originalSessions=${0} originalBytes=${0} originalPackets=${0} Set To Dictionary ${dimensionDict} ${dimensionKeyword}=${dict} Append To List ${dimensionList} ${dimensionKeyword} END ${dimensionKeywords} Run Keyword If "${dimensionKeywords}"!="${EMPTY}" Remove String Using Regexp ${dimensionKeywords} ^\\^ ... ELSE Set Variable ${dimensionKeywords} ${conditions} Run Keyword If "${caredDimension}"=="clientIp" Set Variable common_client_ip|string|exactly|${dimensionKeywords} ... ELSE IF "${caredDimension}"=="serverIp" Set Variable common_server_ip|string|exactly|${dimensionKeywords} ... ELSE IF "${caredDimension}"=="domain" Set Variable http_domain|string|exactly|${dimensionKeywords} ... ELSE IF "${caredDimension}"=="subscriberid" Set Variable common_subscriber_id|string|exactly|${dimensionKeywords} ... ELSE IF "${caredDimension}"=="url" Set Variable http_url|string|exactly|${dimensionKeywords} ${basicFields} Set Variable common_c2s_pkt_num|long,common_s2c_pkt_num|long,common_c2s_byte_num|long,common_s2c_byte_num|long ${fields} Run Keyword If "${caredDimension}"=="clientIp" Set Variable common_client_ip|string|,${basicFields} ... ELSE IF "${caredDimension}"=="serverIp" Set Variable common_server_ip|string|,${basicFields} ... ELSE IF "${caredDimension}"=="domain" Set Variable http_domain|string|,${basicFields} ... ELSE IF "${caredDimension}"=="subscriberid" Set Variable common_subscriber_id|string|,${basicFields} ... ELSE IF "${caredDimension}"=="url" Set Variable http_url|string|,${basicFields} ${dimensionField} Run Keyword If "${caredDimension}"=="clientIp" Set Variable common_client_ip ... ELSE IF "${caredDimension}"=="serverIp" Set Variable common_server_ip ... ELSE IF "${caredDimension}"=="domain" Set Variable http_domain ... ELSE IF "${caredDimension}"=="subscriberid" Set Variable common_subscriber_id ... ELSE IF "${caredDimension}"=="url" Set Variable http_url ${params} Create Dictionary logType=connection_record_log start_common_recv_time=${startTime} ... end_common_recv_time=${endTime} conditions=${conditions} ${response} QueryLogs ${params} count Set To Dictionary ${params} pageNo=1 pageSize=${response['total']} ... fields=${fields} conditions=${conditions} ${response} QueryLogs ${params} list FOR ${data} IN @{response['list']} ${key} Set Variable ${data['${dimensionField}']} ${value} Get From Dictionary ${dimensionDict} ${key} ${sessions} Evaluate ${value['originalSessions']}+1 ${bytes} Evaluate ${value['originalBytes']}+${data['common_c2s_byte_num']}+${data['common_s2c_byte_num']} ${packets} Evaluate ${value['originalPackets']}+${data['common_c2s_pkt_num']}+${data['common_s2c_pkt_num']} Set To Dictionary ${value} originalSessions=${sessions} originalBytes=${bytes} originalPackets=${packets} END FOR ${key} IN @{dimensionList} ${value} Get From Dictionary ${dimensionDict} ${key} ${sessionsAbs} Evaluate abs(${value['sessions']}-${value['originalSessions']}) ${packetsAbs} Evaluate abs(${value['packets']}-${value['originalPackets']}) ${bytesAbs} Evaluate abs(${value['bytes']}-${value['originalBytes']}) Run Keyword If "${orderBy}"=="bytes" Should Be True ${bytesAbs}<=${hitsAbs} Run Keyword If "${orderBy}"=="packets" Should Be True ${packetsAbs}<=${hitsAbs} Run Keyword If "${orderBy}"=="sessions" Should Be True ${sessionsAbs}<=${hitsAbs} END [Return] OK Pinning-Validation [Documentation] ... Pinning验证 ... 对应not、maybe、yes三种类型总量和不大于安全策略日志:Policy Hits by Action Sessions Intercept [Arguments] ${starttime} ${endtime} ${limit} ${data} Set Variable startTime=${startTime}&endTime=${endTime}&limit=${limit} ${url1} Set Variable report/policyevent/hit/pinning ${bfResponse} TrafficBFRequest ${url1} ${data} ${data} Set Variable ${bfResponse['data']} ${notPinningNum} Set Variable ${data['notPinningNum']} ${maybePinningNum} Set Variable ${data['maybePinningNum']} ${pinningNum} Set Variable ${data['pinningNum']} ${total} Evaluate ${notPinningNum}+${maybePinningNum}+${pinningNum} ${url2} Set Variable report/policyevent/hit/action ${data1} Set Variable logType=security_event_hits_log&startTime=${startTime}&endTime=${endTime}&limit=${limit}&orderBy=sessions ${bfResponse} TrafficBFRequest ${url2} ${data1} ${data} Set Variable ${bfResponse['data']} ${actionCount} Set Variable ${data['actionCount']} ${Intercept} Set Variable ${0} FOR ${action} IN @{actionCount} ${Intercept} Run Keyword If "${action['action']}"=="Intercept" Set Variable ${action['sessions']} ... ELSE Set Variable ${Intercept} END Should Be True ${Intercept}>=${total}