FortiShield
diff --git a/‎.github/workflows/changelog.yaml
Lines changed: 3 additions & 0 deletions b/‎.github/workflows/changelog.yaml
Lines changed: 3 additions & 0 deletions
diff --git a/‎.github/workflows/code_analysis.yaml
Lines changed: 4 additions & 1 deletion b/‎.github/workflows/code_analysis.yaml
Lines changed: 4 additions & 1 deletion
diff --git a/‎CHANGELOG.md
Lines changed: 15 additions & 3 deletions b/‎CHANGELOG.md
Lines changed: 15 additions & 3 deletions
diff --git a/‎conftest.py
Lines changed: 1 addition & 1 deletion b/‎conftest.py
Lines changed: 1 addition & 1 deletion
diff --git a/‎deps/wazuh_testing/wazuh_testing/__init__.py
Lines changed: 5 additions & 0 deletions b/‎deps/wazuh_testing/wazuh_testing/__init__.py
Lines changed: 5 additions & 0 deletions
diff --git a/‎deps/wazuh_testing/wazuh_testing/db_interface/cve_db.py
Lines changed: 24 additions & 0 deletions b/‎deps/wazuh_testing/wazuh_testing/db_interface/cve_db.py
Lines changed: 24 additions & 0 deletions
diff --git a/‎deps/wazuh_testing/wazuh_testing/event_monitor.py
Lines changed: 11 additions & 7 deletions b/‎deps/wazuh_testing/wazuh_testing/event_monitor.py
Lines changed: 11 additions & 7 deletions
diff --git a/‎deps/wazuh_testing/wazuh_testing/modules/__init__.py
Lines changed: 5 additions & 7 deletions b/‎deps/wazuh_testing/wazuh_testing/modules/__init__.py
Lines changed: 5 additions & 7 deletions
diff --git a/‎deps/wazuh_testing/wazuh_testing/modules/api/event_monitor.py
Lines changed: 2 additions & 1 deletion b/‎deps/wazuh_testing/wazuh_testing/modules/api/event_monitor.py
Lines changed: 2 additions & 1 deletion
diff --git a/‎deps/wazuh_testing/wazuh_testing/modules/aws/__init__.py
Lines changed: 58 additions & 0 deletions b/‎deps/wazuh_testing/wazuh_testing/modules/aws/__init__.py
Lines changed: 58 additions & 0 deletions
diff --git a/‎deps/wazuh_testing/wazuh_testing/modules/aws/cli_utils.py
Lines changed: 61 additions & 0 deletions b/‎deps/wazuh_testing/wazuh_testing/modules/aws/cli_utils.py
Lines changed: 61 additions & 0 deletions
@@ -1,6 +1,9 @@
 name: Changelog
 on:
   pull_request:
+    types:
+      - opened
+      - ready_for_review
     branches:
       - master
       - '[0-9]+.[0-9]+'
 
@@ -1,6 +1,9 @@
 name: Code analysis
 on:
-  pull_request
+  pull_request:
+    types:
+      - opened
+      - ready_for_review
 jobs:
   Linting:
     if: ${{ !github.event.pull_request.draft }}
 
@@ -2,21 +2,23 @@
 
 All notable changes to this project will be documented in this file.
 
-## [4.6.0] - Development (unreleased)
+## [4.6.0] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
 ### Changed
 - Update schema database version([#3879](https://github.com/wazuh/wazuh-qa/pull/3879)) \- (Tests)
 
-## [4.5.0] - Development (unreleased)
+## [4.5.0] - TBD
 
 Wazuh commit: TBD \
 Release report: TBD
 
 ### Added
 
+- Add integration tests for AWS module. ([#3911](https://github.com/wazuh/wazuh-qa/pull/3911)) \- (Framework + Tests + Documentation)
+- Add tests for msu patches with no associated CVE . ([#4009](https://github.com/wazuh/wazuh-qa/pull/4009)) \- (Framework + Tests)
 - Add tests with new options to avoid FIM synchronization overlapping. ([#3318](https://github.com/wazuh/wazuh-qa/pull/3318)) \- (Framework + tests)
 - Add Logcollector millisecond granularity support test case ([#3910](https://github.com/wazuh/wazuh-qa/pull/3910)) \- (Tests)
 - Add Windows System folders FIM monitoring tests ([#3720](https://github.com/wazuh/wazuh-qa/pull/3720)) \- (Tests)
@@ -28,6 +30,7 @@ Release report: TBD
 
 ### Changed
 
+- Update `test_logcollector` invalid configs log level ([#4094](https://github.com/wazuh/wazuh-qa/pull/4094)) \- (Tests)
 - Update `test_office365` to support the new tag `API_TYPE` ([#4065](https://github.com/wazuh/wazuh-qa/pull/4065)) \- (Framework + Tests)
 - Update `test_wazuh_db` & `test_enrollment` to support new column `status_code` and new value on the enrollment `payload`. ([#4021](https://github.com/wazuh/wazuh-qa/pull/4021)) \- (Tests)
 - Update FIM `test_audit` tests to new framework ([#3939](https://github.com/wazuh/wazuh-qa/pull/3939)) \- (Framework + Tests)
@@ -42,19 +45,23 @@ Release report: TBD
 
 ### Fixed
 
+- Fix a bug in on Migration tool's library ([#4106](https://github.com/wazuh/wazuh-qa/pull/4106)) \- (Framework)
 - Fix imports and add windows support for test_report_changes_and_diff IT ([#3548](https://github.com/wazuh/wazuh-qa/issues/3548)) \- (Framework + Tests)
 - Fix a regex error in the FIM integration tests ([#3061](https://github.com/wazuh/wazuh-qa/issues/3061)) \- (Framework + Tests)
 - Fix an error in the cluster performance tests related to CSV parser ([#2999](https://github.com/wazuh/wazuh-qa/pull/2999)) \- (Framework + Tests)
 - Fix bug in the framework on migration tool ([#2999](https://github.com/wazuh/wazuh-qa/pull/4027)) \- (Framework)
 
-## [4.4.2] - Development (unreleased)
+## [4.4.2] - TBD
 
 ### Added
 
+- Add test to check the Syscollector configuration. ([#3584](https://github.com/wazuh/wazuh-qa/pull/3584)) \- (Framework + Tests)
 - Add system tests for groups deletion ([#4057](https://github.com/wazuh/wazuh-qa/pull/4057)) \- (Tests)
 
 ### Fixed
 
+- Fix daemons_handler fixture (fix GCP IT) ([#4134](https://github.com/wazuh/wazuh-qa/pull/4134)) \- (Tests)
+- Fix wazuhdb IT. ([#3584](https://github.com/wazuh/wazuh-qa/pull/3584)) \- (Framework + Tests)
 - Fix agentd IT for python3.10 AMI ([#3973](https://github.com/wazuh/wazuh-qa/pull/3973)) \- (Tests)
 - Fix unstable system tests ([#4080](https://github.com/wazuh/wazuh-qa/pull/4080)) \- (Tests)
 
@@ -182,6 +189,11 @@ Release report: https://github.com/wazuh/wazuh/issues/15504
 - Remove all FIM Integration skipped tests ([#2927](https://github.com/wazuh/wazuh-qa/issues/2927)) \- (Framework + Tests)
 - VDT ITs: Remove Debian Stretch test support. ([#3172](https://github.com/wazuh/wazuh-qa/pull/3172)) \- (Tests)
 
+## [4.3.11] - 20-04-2023
+
+Wazuh commit: https://github.com/wazuh/wazuh/commit/776fda906581a1e4ee170c3e7e73a58d69e41f95 \
+Release report: https://github.com/wazuh/wazuh/issues/16758
+
 ## [4.3.10] - 16-11-2022
 
 Wazuh commit: https://github.com/wazuh/wazuh/commit/89530f11c9e592cd2e551432209b0080f08ff8e5 \
 
@@ -1,6 +1,6 @@
 import pytest
 
+
 def pytest_collectreport(report):
     if report.failed:
         pass
-
@@ -13,12 +13,14 @@
 if sys.platform == 'win32':
     WAZUH_PATH = os.path.join("C:", os.sep, "Program Files (x86)", "ossec-agent")
     LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'ossec.log')
+    SYSCOLLECTOR_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'syscollector', 'db', 'local.db')
 else:
     if sys.platform == 'darwin':
         WAZUH_PATH = os.path.join("/", "Library", "Ossec")
     else:
         WAZUH_PATH = os.path.join("/var", "ossec")
     LOG_FILE_PATH = os.path.join(WAZUH_PATH, 'logs', 'ossec.log')
+    SYSCOLLECTOR_DB_PATH = os.path.join(WAZUH_PATH, 'queue', 'syscollector', 'db', 'local.db')
 
 
 WAZUH_CONF_PATH = os.path.join(WAZUH_PATH, 'etc', 'ossec.conf')
@@ -40,6 +42,8 @@
 WAZUH_TESTING_PATH = os.path.dirname(os.path.abspath(__file__))
 WAZUH_TESTING_DATA_PATH = os.path.join(os.path.dirname(os.path.realpath(__file__)), 'data')
 DEFAULT_AUTHD_PASS_PATH = os.path.join(WAZUH_PATH, 'etc', 'authd.pass')
+TEMPLATE_DIR = 'configuration_template'
+TEST_CASES_DIR = 'test_cases'
 
 
 # Daemons
@@ -66,6 +70,7 @@
 ANALYSISD_STATE = os.path.join(WAZUH_PATH, 'var', 'run', 'wazuh-analysisd.state')
 
 # Timeouts
+T_2 = 2
 T_5 = 5
 T_10 = 10
 T_20 = 20
 
@@ -228,3 +228,27 @@ def get_nvd_metadata_timestamp(year):
         return None
 
     return result[0]
+
+
+def get_rows_from_table(value, column, table, limit=None):
+    """
+    Args:
+        value (str): value that user wants to find in query
+        column (str): Name of the column where the value will be searched for.
+        table (str): Name of the table where the value will be searched for.
+        limit (int) - Optional: Maximum amount of results to look for. Default None (No Limit used).
+
+    Returns:
+        List (str): List with each instance of the value found
+    """
+
+    query_string = f"SELECT * FROM {table} WHERE {column} LIKE '{value}'"
+
+    if limit is not None:
+        query_string = query_string + f"LIMIT {limit}"
+
+    result = get_sqlite_query_result(CVE_DB_PATH, query_string)
+    if len(result) == 0:
+        return None
+
+    return result[0]
@@ -5,35 +5,39 @@
 
 def make_callback(pattern, prefix=''):
     """Create a callback function from a text pattern.
+
     Args:
-        pattern (str): String to match on the log.
+        pattern (str): string to match on the log.
         prefix (str): regular expression used as prefix before the pattern.
+
     Returns:
         lambda: function that returns if there's a match in the file
     """
     pattern = r'\s+'.join(pattern.split())
-    regex = re.compile(r'{}{}'.format(prefix, pattern))
+    regex = re.compile(r'{}{}'.format(prefix, pattern)) if prefix else re.compile(pattern)
 
     return lambda line: regex.match(line)
 
 
 def check_event(file_monitor=None, callback='', error_message=None, update_position=True, timeout=20,
-                accum_results=1, file_to_monitor=None):
-    """Check if an API event occurs
+                accum_results=1, file_to_monitor=None, prefix=None):
+    """Check if an event occurs.
+
     Args:
         file_monitor (FileMonitor): FileMonitor object to monitor the file content.
         callback (str): log regex to check in the file
         error_message (str): error message to show in case of expected event does not occur
         update_position (boolean): filter configuration parameter to search in the file
+        accum_results (int): accumulation of matches.
+        file_to_monitor (str): path to the file to be monitored.
         timeout (str): timeout to check the event in the file
-        prefix (str): log pattern regex
-        accum_results (int): Accumulation of matches.
+        prefix (str): prefix of the log message regex
     """
     file_monitor = FileMonitor(file_to_monitor) if file_monitor is None else file_monitor
     error_message = f"Could not find this event in {file_to_monitor}: {callback}" if error_message is None else \
         error_message
 
     result = file_monitor.start(timeout=timeout, update_position=update_position, accum_results=accum_results,
-                                callback=make_callback(callback), error_message=error_message)
+                                callback=make_callback(callback, prefix), error_message=error_message)
 
     return result
@@ -1,15 +1,13 @@
-# Copyright (C) 2015-2023, Wazuh Inc.
-# Created by Wazuh, Inc. <[email protected]>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
 '''
-The purpose of this file is to contain all the variables necessary for Wazuh in order to be easier
-to maintain if one of them changes in the future.
+copyright: Copyright (C) 2015-2023, Wazuh Inc.
+           Created by Wazuh, Inc. <[email protected]>.
+           This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
 '''
 import pytest
 
-WAZUH_SERVICE_PREFIX = 'wazuh'
+# Services Variables
 WAZUH_SERVICES_STOPPED = 'stopped'
+WAZUH_SERVICE_PREFIX = 'wazuh'
 WAZUH_SERVICES_STOP = 'stop'
 WAZUH_SERVICES_START = 'start'
 
 
@@ -35,9 +35,10 @@ def check_api_event(file_monitor=None, callback='', error_message=None, update_p
         callback (str): log regex to check in the file
         error_message (str): error message to show in case of expected event does not occur
         update_position (boolean): filter configuration parameter to search in the file
-        timeout (str): timeout to check the event in the file
+        timeout (int): timeout to check the event in the file
         prefix (str): log pattern regex
         accum_results (int): Accumulation of matches.
+        file_to_monitor (str): File to be monitored.
     """
     file_monitor = FileMonitor(file_to_monitor) if file_monitor is None else file_monitor
     error_message = f"Could not find this event in {file_to_monitor}: {callback}" if error_message is None else \
 
@@ -0,0 +1,58 @@
+from pathlib import Path
+
+from wazuh_testing import WAZUH_PATH
+
+AWS_MODULE_PATH = Path(WAZUH_PATH, 'wodles', 'aws')
+S3_CLOUDTRAIL_DB_PATH = Path(AWS_MODULE_PATH, 's3_cloudtrail.db')
+AWS_SERVICES_DB_PATH = Path(AWS_MODULE_PATH, 'aws_services.db')
+
+AWS_LOGS = 'AWSLogs'
+RANDOM_ACCOUNT_ID = '819751203818'
+CLOUDTRAIL = 'CloudTrail'
+GUARDDUTY = 'GuardDuty'
+VPC_FLOW_LOGS = 'vpcflowlogs'
+FLOW_LOG_ID = 'fl-0754d951c16f517fa'
+CONFIG = 'Config'
+ELASTIC_LOAD_BALANCING = 'elasticloadbalancing'
+SERVER_ACCESS_TABLE_NAME = 's3_server_access'
+PERMANENT_CLOUDWATCH_LOG_GROUP = 'wazuh-cloudwatchlogs-integration-tests'
+TEMPORARY_CLOUDWATCH_LOG_GROUP = 'temporary-log-group'
+FAKE_CLOUDWATCH_LOG_GROUP = 'fake-log-group'
+
+EVENT_TIME_FORMAT = '%Y-%m-%dT%H:%M:%SZ'
+PATH_DATE_FORMAT = '%Y/%m/%d'
+PATH_DATE_NO_PADED_FORMAT = '%Y/%-m/%-d'
+FILENAME_DATE_FORMAT = '%Y%m%dT%H%MZ'
+ALB_DATE_FORMAT = '%Y-%m-%dT%H:%M:%fZ'
+
+US_EAST_1_REGION = 'us-east-1'
+
+JSON_EXT = '.json'
+LOG_EXT = '.log'
+JSON_GZ_EXT = '.jsonl.gz'
+CSV_EXT = '.csv'
+
+# Bucket types
+CLOUD_TRAIL_TYPE = 'cloudtrail'
+VPC_FLOW_TYPE = 'vpcflow'
+CONFIG_TYPE = 'config'
+ALB_TYPE = 'alb'
+CLB_TYPE = 'clb'
+NLB_TYPE = 'nlb'
+KMS_TYPE = 'kms'
+MACIE_TYPE = 'macie'
+KMS_TYPE = 'kms'
+TRUSTED_ADVISOR_TYPE = 'trusted'
+CUSTOM_TYPE = 'custom'
+GUARD_DUTY_TYPE = 'guardduty'
+NATIVE_GUARD_DUTY_TYPE = 'native-guardduty'
+WAF_TYPE = 'waf'
+SERVER_ACCESS = 'server_access'
+CISCO_UMBRELLA_TYPE = 'cisco_umbrella'
+
+# Params
+
+ONLY_LOGS_AFTER_PARAM = '--only_logs_after'
+
+
+local_internal_options = {'wazuh_modules.debug': '2', 'monitord.rotate_log': '0'}
@@ -0,0 +1,61 @@
+import subprocess
+from pathlib import Path
+
+from wazuh_testing import logger
+from wazuh_testing.modules.aws import AWS_MODULE_PATH
+from wazuh_testing.modules.aws.exceptions import OutputAnalysisError
+
+AWS_BINARY_PATH = Path(AWS_MODULE_PATH, 'aws-s3')
+
+
+def call_aws_module(*parameters):
+    """Given some parameters call the AWS module and return the output.
+
+    Returns:
+        str: The command output.
+    """
+    command = [AWS_BINARY_PATH, *parameters]
+    logger.debug("Calling AWS module with: '%s'", command)
+    command_result = subprocess.run(command, capture_output=True)
+
+    return command_result.stdout.decode()
+
+
+def _default_callback(line: str):
+    print(line)
+    return line
+
+
+def analyze_command_output(
+    command_output, callback=_default_callback, expected_results=1, error_message=''
+):
+    """Analyze the given command output searching for a pattern.
+
+    Args:
+        command_output (str): The output to analyze.
+        callback (Callable, optional): A callback to process each line. Defaults to _default_callback.
+        expected_results (int, optional): Number of expected results. Defaults to 1.
+        error_message (str, optional): Message to show with the exception. Defaults to ''.
+
+    Raises:
+        OutputAnalysisError: When the expected results are not correct.
+    """
+
+    results = []
+
+    for line in command_output.splitlines():
+        logger.debug(line)
+        item = callback(line)
+
+        if item is not None:
+            results.append(item)
+
+    results_len = len(results)
+
+    if results_len != expected_results:
+        if error_message:
+            logger.error(error_message)
+            logger.error('Results found: %s', results_len)
+            logger.error('Results expected: %s', expected_results)
+            raise OutputAnalysisError(error_message)
+        raise OutputAnalysisError()