chore: randomize alb content (#71)

* randomize alb content

Signed-off-by: Kavindu Dodanduwa <[email protected]>

* fix test

Signed-off-by: Kavindu Dodanduwa <[email protected]>

---------

Signed-off-by: Kavindu Dodanduwa <[email protected]>

Author: Kavindu-Dodan

generators/elb.go

@@ -2,6 +2,7 @@ package generators
 
 import (
 	"fmt"
+	"math/rand"
 )
 
 type ALBGen struct {
@@ -15,19 +16,31 @@ func NewALBGen() *ALBGen {
 }
 
 func (a *ALBGen) Generate() (int64, error) {
+	accountID := randomSampleAccountID()
+
 	customizer := albCustomizer{
-		logType:        randomSchema(),
-		timestamp:      iso8601Now(),
-		creationTime:   iso8601Now(),
-		clientIPPort:   fmt.Sprintf("%s:%d", randomIP(), randomPort()),
-		targetIPPort:   fmt.Sprintf("%s:%d", randomIP(), randomPort()),
-		targetPortList: fmt.Sprintf("%s:%d", randomIP(), randomPort()),
-		request:        `"GET http://www.example.com:80/ HTTP/1.1"`,
-		elbID:          "appA/loadbalancer/123456789",
-		targetARN:      "arn:aws:elasticloadbalancing:us-east-1:123456789:targetID",
-		traceID:        `"trace=123456789"`,
-		userAgent:      `"curl/7.46.0"`,
-		requestID:      "TID_123456789",
+		cipher:           randomSSLCipher(),
+		clientIPPort:     fmt.Sprintf("%s:%d", randomIP(), randomPort()),
+		creationTime:     iso8601Now(),
+		domain:           randomDomain(),
+		elbID:            fmt.Sprintf("appA/loadbalancer/%s", accountID),
+		elbStatus:        randomStatus(),
+		logType:          randomSchema(),
+		receivedBytes:    randomBytesSize(),
+		request:          fmt.Sprintf("\"GET %s://%s:80/ HTTP/1.1\"", randomSchema(), randomDomain()),
+		requestID:        randomAZ09String(5),
+		requestProcTime:  randomProcessingTime(),
+		responseProcTime: randomProcessingTime(),
+		sentBytes:        randomBytesSize(),
+		sslProtocol:      sslProtocol(),
+		targetARN:        fmt.Sprintf("arn:aws:elasticloadbalancing:%s:%s:targetID", randomRegion(), accountID),
+		targetIPPort:     fmt.Sprintf("%s:%d", randomIP(), randomPort()),
+		targetPortList:   fmt.Sprintf("%s:%d", randomIP(), randomPort()),
+		targetProcTime:   randomProcessingTime(),
+		targetStatus:     randomStatus(),
+		timestamp:        iso8601Now(),
+		traceID:          fmt.Sprintf("\"trace=%d\"", rand.Intn(1000)),
+		userAgent:        fmt.Sprintf("\"%s\"", userAgents[rand.Intn(len(userAgents))]),
 	}
 
 	err := a.buf.write([]byte(buildALBLogLine(customizer)))
@@ -45,53 +58,53 @@ func (a *ALBGen) GetAndReset() []byte {
 // helpers
 
 const (
-	requestProcessingTimeMs  = "0.000"
-	targetProcessingTimeMs   = "0.001"
-	responseProcessingTimeMs = "0.000"
-	elbStatusCode            = "200"
-	targetStatusCode         = "200"
-	receivedBytes            = "34"
-	sentBytes                = "366"
-	matchedRulePriority      = "0"
-	actionsExecuted          = `"forward"`
-	targetStatusList         = `"200"`
-	sslCipher                = "-"
-	sslProtocol              = "-"
-	domainName               = `"-"`
-	chosenCertArn            = `"-"`
-	redirectURL              = `"-"`
-	errorReason              = `"-"`
-	targetHealthReason       = `"-"`
-	targetHealthDescription  = `"-"`
+	matchedRulePriority     = "0"
+	actionsExecuted         = `"forward"`
+	targetStatusList        = `"200"`
+	chosenCertArn           = `"-"`
+	redirectURL             = `"-"`
+	errorReason             = `"-"`
+	targetHealthReason      = `"-"`
+	targetHealthDescription = `"-"`
 )
 
 type albCustomizer struct {
-	logType        string
-	timestamp      string
-	creationTime   string
-	request        string
-	elbID          string
-	targetARN      string
-	traceID        string
-	userAgent      string
-	clientIPPort   string
-	targetIPPort   string
-	targetPortList string
-	requestID      string
+	cipher           string
+	clientIPPort     string
+	creationTime     string
+	domain           string
+	elbID            string
+	elbStatus        string
+	logType          string
+	receivedBytes    int
+	request          string
+	requestID        string
+	requestProcTime  float32
+	responseProcTime float32
+	sentBytes        int
+	sslProtocol      string
+	targetARN        string
+	targetIPPort     string
+	targetPortList   string
+	targetProcTime   float32
+	targetStatus     string
+	timestamp        string
+	traceID          string
+	userAgent        string
 }
 
 func buildALBLogLine(input albCustomizer) string {
 	logLine := fmt.Sprintf(
-		"%s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s\n",
+		"%s %s %s %s %s %0.3f %0.3f %0.3f %s %s %d %d %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s\n",
 		input.logType, input.timestamp, input.elbID,
 		input.clientIPPort, input.targetIPPort,
-		requestProcessingTimeMs, targetProcessingTimeMs, responseProcessingTimeMs,
-		elbStatusCode, targetStatusCode,
-		receivedBytes, sentBytes,
+		input.requestProcTime, input.targetProcTime, input.responseProcTime,
+		input.elbStatus, input.targetStatus,
+		input.receivedBytes, input.sentBytes,
 		input.request, input.userAgent,
-		sslCipher, sslProtocol,
+		input.cipher, input.sslProtocol,
 		input.targetARN, input.traceID,
-		domainName, chosenCertArn,
+		input.domain, chosenCertArn,
 		matchedRulePriority, input.creationTime,
 		actionsExecuted, redirectURL, errorReason,
 		input.targetPortList, targetStatusList,

generators/elb_test.go

@@ -13,18 +13,28 @@ const upstreamALBHTTP = `http 2018-07-02T22:23:00.186641Z app/my-loadbalancer/50
 func Test_buildALB(t *testing.T) {
 	t.Run("Validate AWS documented HTTP ALB line", func(t *testing.T) {
 		line := buildALBLogLine(albCustomizer{
-			logType:        "http",
-			timestamp:      "2018-07-02T22:23:00.186641Z",
-			creationTime:   "2018-07-02T22:22:48.364000Z",
-			request:        `"GET http://www.example.com:80/ HTTP/1.1"`,
-			elbID:          "app/my-loadbalancer/50dc6c495c0c9188",
-			targetARN:      "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067",
-			traceID:        `"Root=1-58337262-36d228ad5d99923122bbe354"`,
-			userAgent:      `"curl/7.46.0"`,
-			clientIPPort:   "192.168.131.39:2817",
-			targetIPPort:   "10.0.0.1:80",
-			targetPortList: `"10.0.0.1:80"`,
-			requestID:      "TID_1234abcd5678ef90",
+			logType:          "http",
+			timestamp:        "2018-07-02T22:23:00.186641Z",
+			creationTime:     "2018-07-02T22:22:48.364000Z",
+			request:          `"GET http://www.example.com:80/ HTTP/1.1"`,
+			elbID:            "app/my-loadbalancer/50dc6c495c0c9188",
+			targetARN:        "arn:aws:elasticloadbalancing:us-east-2:123456789012:targetgroup/my-targets/73e2d6bc24d8a067",
+			traceID:          `"Root=1-58337262-36d228ad5d99923122bbe354"`,
+			userAgent:        `"curl/7.46.0"`,
+			clientIPPort:     "192.168.131.39:2817",
+			targetIPPort:     "10.0.0.1:80",
+			targetPortList:   `"10.0.0.1:80"`,
+			requestID:        "TID_1234abcd5678ef90",
+			requestProcTime:  0.000,
+			targetProcTime:   0.001,
+			responseProcTime: 0.000,
+			elbStatus:        "200",
+			targetStatus:     "200",
+			cipher:           "-",
+			sslProtocol:      "-",
+			domain:           `"-"`,
+			receivedBytes:    34,
+			sentBytes:        366,
 		})
 
 		require.Equal(t, upstreamALBHTTP, strings.TrimSpace(line))

generators/utils.go

@@ -13,30 +13,39 @@ const charsCapital = "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
 
 var ff = false
 var tt = true
-var schema = []string{"http", "https"}
-var vpcActions = []string{"ACCEPT", "REJECT"}
+
+var contentTypes = []string{"text/html", "application/json", "text/plain", "application/xml"}
+var countryCodes = []string{"US", "GB", "DE", "FR", "IN", "CN", "JP", "AU", "CA", "BR"}
+var sampleDomains = []string{"example.com", "test.com", "sample.org", "demo.net"}
 var httpMethods = []string{"GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS"}
+var httpSchema = []string{"http", "https"}
 var httpSourceIDs = []string{"E2A1BCD34FGH56", "E3B2CDE45GHI67", "E4C3DEF56HIJ78", "E5D4EFG67IJK89"}
 var queryStrings = []string{"", "a=1&b=2", "user=abc", "id=12345", "page=1", "search=term"}
-var uriPaths = []string{"/", "/home", "/api/resource", "/login"}
-var contentTypes = []string{"text/html", "application/json", "text/plain", "application/xml"}
-var userAgents = []string{
-	"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"}
-var countryCodes = []string{"US", "GB", "DE", "FR", "IN", "CN", "JP", "AU", "CA", "BR"}
-var sampleRuleIDs = []string{"rule-1", "rule-2", "rule-3", "rule-4", "rule-5"}
-var sampleAccountIDs = []string{"123456789012", "987654321098", "111122223333", "444455556666", "777788889999"}
-var samplePrincipalIDs = []string{"AID1234567890", "AID0987654321", "AID1111222233", "AID7777888899"}
+var randomFragments = []string{"", "#browser", "#app"}
+var randomPhrases = []string{"some random phrase", "another random phrase", "yet another random phrase", "log on something"}
 var regions = []string{"us-east-1", "us-west-1", "us-west-2", "eu-west-1", "eu-central-1"}
 var s3EventNames = []string{"PutObject", "GetObject", "DeleteObject", "ListObjects"}
-var randomPhrases = []string{"some random phrase", "another random phrase", "yet another random phrase", "log on something"}
-var randomFragments = []string{"", "#browser", "#app"}
+var sampleAccountIDs = []string{"123456789012", "987654321098", "111122223333", "444455556666", "777788889999"}
+var samplePrincipalIDs = []string{"AID1234567890", "AID0987654321", "AID1111222233", "AID7777888899"}
+var sampleRuleIDs = []string{"rule-1", "rule-2", "rule-3", "rule-4", "rule-5"}
+var sslCiphers = []string{"ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384", "AES128-GCM-SHA256"}
+var sslProtocols = []string{"TLSv1.2", "TLSv1.3"}
+var statuses = []string{"200", "400", "500"}
+var uriPaths = []string{"/", "/home", "/api/resource", "/login"}
+var userAgents = []string{"Mozilla/5.0, AppleWebKit/537.36, Chrome/58.0.3029.110, Safari/537.3", "curl/7.46.0"}
 var uuids = []string{"550e8400-e29b-41d4-a716-446655440000", "123e4567-e89b-12d3-a456-426614174000", "9b2c3d4e-5f6a-7b8c-9d0e-1f2a3b4c5d6e"}
+var vpcActions = []string{"ACCEPT", "REJECT"}
 var wafActions = []string{"ALLOW", "BLOCK", "COUNT"}
 var wafRuleTypes = []string{"REGULAR", "RATE_BASED", "GROUP"}
 var wafSampleHTTPSourceNames = []string{"ALB", "CloudFront", "API Gateway"}
+
 // ipPrefix contains example public IP address prefixes, representing geo-distributed or commonly used public IP ranges.
 var ipPrefix = []int{1, 8, 31, 41, 91, 123, 179, 201, 210, 250}
 
+func randomDomain() string {
+	return sampleDomains[rand.Intn(len(sampleDomains))]
+}
+
 func iso8601Now() string {
 	return time.Now().UTC().Format("2006-01-02T15:04:05.000000Z")
 }
@@ -45,15 +54,35 @@ func unixSeconds(delay int) int64 {
 	return time.Now().Unix() + int64(delay)
 }
 
+// randomProcessingTime returns a random float as string between 0.500 and 1.499
+func randomProcessingTime() float32 {
+	return (0.5 + rand.Float32()*1000) / 1000
+}
+
+func randomStatus() string {
+	return statuses[rand.Intn(len(statuses))]
+}
+
+func randomBytesSize() int {
+	return rand.Intn(5000-200) + 200
+}
+
 func randomSchema() string {
-	return schema[rand.Intn(len(schema))]
+	return httpSchema[rand.Intn(len(httpSchema))]
+}
+
+func sslProtocol() string {
+	return sslProtocols[rand.Intn(len(sslProtocols))]
+}
+
+func randomSSLCipher() string {
+	return sslCiphers[rand.Intn(len(sslCiphers))]
 }
 
 func randomVPCAction() string {
 	return vpcActions[rand.Intn(len(vpcActions))]
 }
 
-// randomIP from 172.16.101.0/24
 func randomIP() string {
 	return fmt.Sprintf("%d.%d.%d.%d",
 		ipPrefix[rand.Intn(len(ipPrefix))],
@@ -63,9 +92,9 @@ func randomIP() string {
 	)
 }
 
-// randomPort in range 58080 to 62000
+// randomPort in range 58080 to 59090
 func randomPort() int {
-	return rand.Intn(62000-58080) + 58080
+	return rand.Intn(59090-58080) + 58080
 }
 
 func ctUserIdentity() UserIdentity {