Assuming the Monkey agent is already sending the relevant telemetry, you’ll need to add the test in two places.
zero_trust_consts.py
In the file /monkey/common/data/zero_trust_consts.py
,
STATUS_UNEXECUTED
) have finding explanations.telemetry/processing.py
Find the relevant telemetry type you wish to test the finding in. This can be found in /monkey/monkey_island/cc/services/telemetry/processing.py
. In the relevant process_*_telemetry
function, add your Zero Trust testing code. Please put the zero trust tests under the /monkey/monkey_island/cc/services/telemetry/zero_trust_tests
directory. There you can find examples of existing tests as well, so you’ll know pretty much what you need to write.
Test ALL possible finding statuses you’ve defined in a fake network. Observe the events as well and see they were formatted correctly. If there’s an algorithmic part to your Zero Trust test, please cover it using a Unit Test.