diff --git a/generator/test_case_generator.go b/generator/test_case_generator.go index fe240389d..223ed43fe 100644 --- a/generator/test_case_generator.go +++ b/generator/test_case_generator.go @@ -125,6 +125,7 @@ var testTypeToTestConfig = map[string][]testConfig{ "ec2_windows_performance": { {testDir: "../../test/performance/windows/logs"}, {testDir: "../../test/performance/windows/system"}, + {testDir: "../../test/performance/windows/windows_events"}, }, "ec2_stress": { {testDir: "../../test/stress/emf"}, @@ -136,6 +137,7 @@ var testTypeToTestConfig = map[string][]testConfig{ "ec2_windows_stress": { {testDir: "../../test/stress/windows/logs"}, {testDir: "../../test/stress/windows/system"}, + {testDir: "../../test/stress/windows/windows_events"}, }, "ecs_fargate": { {testDir: "./test/ecs/ecs_metadata"}, diff --git a/terraform/performance/main.tf b/terraform/performance/main.tf index 2a6182c3a..18a5e5a52 100644 --- a/terraform/performance/main.tf +++ b/terraform/performance/main.tf @@ -152,4 +152,4 @@ data "aws_ami" "latest" { data "aws_dynamodb_table" "performance-dynamodb-table" { name = module.common.performance-dynamodb-table -} +} \ No newline at end of file diff --git a/test/performance/windows/windows_events/agent_config.json b/test/performance/windows/windows_events/agent_config.json new file mode 100644 index 000000000..ec5973f4c --- /dev/null +++ b/test/performance/windows/windows_events/agent_config.json 
@@ -0,0 +1,108 @@
+{
+ "agent": {
+ "metrics_collection_interval": 1
+ },
+ "metrics": {
+ "namespace": "CloudWatchAgentPerformance",
+ "append_dimensions": {
+ "InstanceId": "${aws:InstanceId}"
+ },
+ "metrics_collected": {
+ "Memory": {
+ "measurement": [
+ {
+ "name": "Available Bytes",
+ "rename": "Available_Bytes"
+ }
+ ],
+ "metrics_collection_interval": 1
+ },
+ "Network Interface": {
+ "resources": [
+ "*"
+ ],
+ "measurement": [
+ {
+ "name": "Bytes Sent/sec",
+ "rename": "Bytes_Sent_Per_Sec"
+ },
+ {
+ "name": "Packets Sent/sec",
+ "rename": "Packets_Sent_Per_Sec"
+ }
+ ],
+ "metrics_collection_interval": 1
+ },
+ "procstat": [
+ {
+ "exe": "amazon-cloudwatch-agent.exe",
+ "measurement": [
+ "cpu_usage",
+ "memory_rss",
+ "memory_vms",
+ "write_bytes"
+ ],
+ "metrics_collection_interval": 1
+ }
+ ]
+ }
+ },
+ "logs": {
+ "logs_collected": {
+ "windows_events": {
+ "collect_list": [
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "System",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "System"
+ },
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "Security",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "Security"
+ },
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "Application",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "Application"
+ }
+ ]
+ },
+ "files": {
+ "collect_list": [
+ {
+ "file_path": "C:/Users/Administrator/AppData/Local/Temp/test1.log",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "test1.log",
+ "timezone": "UTC"
+ }
+ ]
+ }
+ },
+ "force_flush_interval": 60
+ }
+}
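Review bot: The `Security` entry in `windows_events.collect_list` forwards that channel at every level, including `VERBOSE`, into the `{instance_id}` log group that also receives `test1.log`, so anyone who can read that group can read the host's security events. The companion parameters.yml only validates Information, Warning, Error and Critical entries, so `"VERBOSE"` could be dropped from `event_levels` here. Consider also adding `"retention_in_days": 1` to each collect_list entry so the collected events do not outlive the test run; whether the log group is deleted after the run is not visible in this diff. The same applies to test/stress/windows/windows_events/agent_config.json.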
diff --git a/test/performance/windows/windows_events/parameters.yml b/test/performance/windows/windows_events/parameters.yml
new file mode 100644
index 000000000..8def65b79
--- /dev/null
+++ b/test/performance/windows/windows_events/parameters.yml
@@ -0,0 +1,133 @@ +receivers: ["logs"] + +test_case: "logs_windows_events_performance" +validate_type: "performance" +data_type: "logs" +# Number of logs being written +number_monitored_logs: 100 +# Number of metrics to be sent or number of log lines being written each minute +values_per_minute: "" +# Number of seconds the agent should run and collect the metrics. In this case, 5 minutes +agent_collection_period: 300 + +commit_hash: +commit_date: + +os_family: "" +cloudwatch_agent_config: "" + +# Metric that the test needs to validate; moreover, the stress validation already has +# InstanceID dimension; therefore, does not need to validate it +# https://github.com/aws/amazon-cloudwatch-agent-test/pull/109/files#diff-47c87373e751dd9fd5ce504e44b320765c8b84d6cde524a4e8a32cfa34674165R124-R135 +metric_namespace: "CloudWatchAgentPerformance" +metric_validation: + - metric_name: "procstat cpu_usage" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat memory_rss" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat memory_vms" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat write_bytes" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + + # Validations for Network Interface + - metric_name: "Bytes_Sent_Per_Sec" + metric_dimension: + - name: "objectname" + value: "Network Interface" + - name: "instance" + value: "Amazon Elastic Network Adapter" + - metric_name: "Packets_Sent_Per_Sec" + metric_dimension: + - name: "objectname" + value: 
"Network Interface" + - name: "instance" + value: "Amazon Elastic Network Adapter" + # Validate Memory metrics + - metric_name: "Available_Bytes" + metric_sample_count: 60 + metric_dimension: + - name: "objectname" + value: "Memory" + +log_validation: + - log_value: "Security Informational log" + log_level: "Information" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Error log" + log_level: "Error" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "System information log" + log_level: "Information" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System error log" + log_level: "Error" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System Critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "Application information log" + log_level: "Information" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application error log" + log_level: "Error" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" \ No newline at end of file 
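Review bot: `Available_Bytes` is validated with `metric_sample_count: 60`, while agent_config.json in this directory collects `Memory` with `"metrics_collection_interval": 1` over the same 300-second `agent_collection_period` for which the procstat metrics expect 300 samples, and the two `Network Interface` entries carry no `metric_sample_count` at all. If the validator treats the count as the expected number of datapoints (not visible in this diff), these should be brought in line, e.g. `metric_sample_count: 300`, or a comment should say why they differ. The header comment also still reads `the stress validation already has InstanceID dimension` in this performance file and should be reworded for it. test/stress/windows/windows_events/parameters.yml carries the same values.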
diff --git a/test/stress/windows/windows_events/agent_config.json b/test/stress/windows/windows_events/agent_config.json
new file mode 100644
index 000000000..10a631944
--- /dev/null
+++ b/test/stress/windows/windows_events/agent_config.json
@@ -0,0 +1,100 @@
+{
+ "agent": {
+ "debug": true
+ },
+ "metrics": {
+ "namespace": "CloudWatchAgentStress",
+ "metrics_collected": {
+ "net": {
+ "resources": [
+ "eth0"
+ ],
+ "measurement": [
+ {
+ "name": "Bytes Sent/sec",
+ "rename": "Bytes_Sent_Per_Sec"
+ },
+ {
+ "name": "Packets Sent/sec",
+ "rename": "Packets_Sent_Per_Sec"
+ }
+ ],
+ "metrics_collection_interval": 1
+ },
+ "procstat": [
+ {
+ "exe": "cloudwatch-agent",
+ "measurement": [
+ "cpu_usage",
+ "memory_rss",
+ "memory_vms",
+ "write_bytes"
+ ],
+ "metrics_collection_interval": 1
+ }
+ ]
+ },
+ "append_dimensions": {
+ "InstanceId": "${aws:InstanceId}"
+ },
+ "force_flush_interval": 10
+ },
+ "logs": {
+ "logs_collected": {
+ "windows_events": {
+ "collect_list": [
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "System",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "System"
+ },
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "Security",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "Security"
+ },
+ {
+ "event_format": "xml",
+ "event_levels": [
+ "VERBOSE",
+ "INFORMATION",
+ "WARNING",
+ "ERROR",
+ "CRITICAL"
+ ],
+ "event_name": "Application",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "Application"
+ }
+ ]
+ },
+ "files": {
+ "collect_list": [
+ {
+ "file_path": "C:/Users/Administrator/AppData/Local/Temp/test1.log",
+ "log_group_name": "{instance_id}",
+ "log_stream_name": "test1.log",
+ "timezone": "UTC"
+ }
+ ]
+ }
+ },
+ "force_flush_interval": 60
+ }
+}
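Review bot: The `metrics_collected` section of this Windows stress config does not produce the metrics that the stress parameters.yml in the same commit validates. It selects `"exe": "cloudwatch-agent"` and a `net` section on `eth0`, and has no `Memory` section, while parameters.yml expects the `exe` dimension `amazon-cloudwatch-agent.exe`, `objectname` values `Network Interface` and `Memory`, and the `Available_Bytes` metric. As far as the diff shows, those validations cannot match. Mirroring the section from the performance config would align the two, as sketched below.
```json
"metrics_collected": {
  "Memory": {
    "measurement": [
      { "name": "Available Bytes", "rename": "Available_Bytes" }
    ],
    "metrics_collection_interval": 1
  },
  "Network Interface": {
    "resources": ["*"],
    "measurement": [
      { "name": "Bytes Sent/sec", "rename": "Bytes_Sent_Per_Sec" },
      { "name": "Packets Sent/sec", "rename": "Packets_Sent_Per_Sec" }
    ],
    "metrics_collection_interval": 1
  },
  "procstat": [
    {
      "exe": "amazon-cloudwatch-agent.exe",
      "measurement": ["cpu_usage", "memory_rss", "memory_vms", "write_bytes"],
      "metrics_collection_interval": 1
    }
  ]
},
```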
diff --git a/test/stress/windows/windows_events/parameters.yml b/test/stress/windows/windows_events/parameters.yml
new file mode 100644
index 000000000..9f19bca52
--- /dev/null
+++ b/test/stress/windows/windows_events/parameters.yml
@@ -0,0 +1,133 @@ +receivers: ["logs"] + +test_case: "logs_windows_events_stress" +validate_type: "stress" +data_type: "logs" +# Number of logs being written +number_monitored_logs: 100 +# Number of metrics to be sent or number of log lines being written each minute +values_per_minute: "" +# Number of seconds the agent should run and collect the metrics. In this case, 5 minutes +agent_collection_period: 300 + +commit_hash: +commit_date: + +os_family: "" +cloudwatch_agent_config: "" + +# Metric that the test needs to validate; moreover, the stress validation already has +# InstanceID dimension; therefore, does not need to validate it +# https://github.com/aws/amazon-cloudwatch-agent-test/pull/109/files#diff-47c87373e751dd9fd5ce504e44b320765c8b84d6cde524a4e8a32cfa34674165R124-R135 +metric_namespace: "CloudWatchAgentStress" +metric_validation: + - metric_name: "procstat cpu_usage" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat memory_rss" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat memory_vms" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + - metric_name: "procstat write_bytes" + metric_sample_count: 300 + metric_dimension: + - name: "exe" + value: "amazon-cloudwatch-agent.exe" + - name: "process_name" + value: "amazon-cloudwatch-agent.exe" + + # Validations for Network Interface + - metric_name: "Bytes_Sent_Per_Sec" + metric_dimension: + - name: "objectname" + value: "Network Interface" + - name: "instance" + value: "Amazon Elastic Network Adapter" + - metric_name: "Packets_Sent_Per_Sec" + metric_dimension: + - name: "objectname" + value: "Network Interface" + 
- name: "instance" + value: "Amazon Elastic Network Adapter" + # Validate Memory metrics + - metric_name: "Available_Bytes" + metric_sample_count: 60 + metric_dimension: + - name: "objectname" + value: "Memory" + +log_validation: + - log_value: "Security Informational log" + log_level: "Information" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Error log" + log_level: "Error" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "Security Critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "Security" + log_source: "WindowsEvents" + - log_value: "System information log" + log_level: "Information" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System error log" + log_level: "Error" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "System Critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "System" + log_source: "WindowsEvents" + - log_value: "Application information log" + log_level: "Information" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application warning log" + log_level: "Warning" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application error log" + log_level: "Error" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" + - log_value: "Application critical log" + log_level: "Critical" + log_lines: 1 + log_stream: "Application" + log_source: "WindowsEvents" \ No newline at end of file diff --git a/util/common/logs.go b/util/common/logs.go index 92a4e9ca1..b74e6da29 100644 --- a/util/common/logs.go +++ b/util/common/logs.go 
@@ -32,6 +32,7 @@ func GenerateLogs(configFilePath string, duration time.Duration, sendingInterval } func GenerateWindowsEvents(validationLog []models.LogValidation) error { + log.Printf("Windows event creation") var multiErr error for _, vLog := range validationLog { if vLog.LogSource == "WindowsEvents" && vLog.LogLevel != "" { diff --git a/validator/models/validation_config.go b/validator/models/validation_config.go index ed9a96fb6..314fa3356 100644 --- a/validator/models/validation_config.go +++ b/validator/models/validation_config.go @@ -15,7 +15,7 @@ import ( "gopkg.in/yaml.v3" ) -var supportedReceivers = []string{"logs", "statsd", "collectd", "system", "emf"} +var supportedReceivers = []string{"logs", "statsd", "collectd", "system", "emf", "windows_events"} type ValidateConfig interface { GetPluginsConfig() []string
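Review bot: The added `log.Printf("Windows event creation")` passes a constant string with no format verbs and says nothing about how much work follows. Something like `log.Printf("generating Windows events for %d validation entries", len(validationLog))` would make the run log useful when an expected event is missing. Judging by the parameters files in this commit, the function appears to write into the System, Security and Application channels, so a doc comment on GenerateWindowsEvents saying that it is meant for disposable test instances and needs the rights to write to those channels would help. The function body continues outside the hunk, and whether `log` is already imported in this file is not visible here.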
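Review bot: `"windows_events"` is added to `supportedReceivers`, but both parameters.yml files introduced in this commit declare `receivers: ["logs"]`, so nothing visible in the diff exercises the new value. If the Windows event tests are meant to be selected by it, the new files should read `receivers: ["windows_events"]`; if another config outside this diff uses it, a short comment on the slice naming that consumer would prevent it from looking like dead configuration. Otherwise the entry can be dropped, which keeps the accepted receiver list as narrow as the tests require.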