Fixed unit tests in Linux, added rules configuration.

config/linux/rules.yml

@@ -0,0 +1,5 @@
+rules:
+  - id: 1
+    path: /etc
+    rule: '\.sh$'
+    message: "Shell script present in /etc folder."

config/macos/rules.yml

@@ -0,0 +1,5 @@
+rules:
+  - id: 1
+    path: /etc
+    rule: '\.sh$'
+    message: "Shell script present in /etc folder."

config/windows/rules.yml

@@ -1,6 +1,5 @@
-monitor:
-  - path: C:\tmp\
-    id: 7
-    rule: '\.php$'
-    message: "This is a test"
-    labels: ["windows", "test"]
+rules:
+  - id: 1
+    path: C:\
+    rule: '\.ps1$'
+    message: "Powershell script present in root directory."

src/auditevent.rs

@@ -504,7 +504,6 @@ impl fmt::Debug for Event {
 mod tests {
     use super::*;
     use crate::auditevent::Event;
-    use crate::appconfig::*;
     use tokio_test::block_on;
     use std::fs;
 

src/integration.rs

@@ -144,8 +144,8 @@ mod tests {
     // ------------------------------------------------------------------------
 
     #[cfg(any(target_os = "linux", target_os = "darwin"))]
-    pub fn create_dummy_event_unix(path: &str, operation: &str) -> Event {
-        Event{
+    pub fn create_dummy_event_unix(path: &str, operation: &str) -> MonitorEvent {
+        MonitorEvent{
             id: "Test_id".to_string(),
             timestamp: "Timestamp".to_string(),
             hostname: "Hostname".to_string(),

src/main.rs

@@ -46,8 +46,9 @@ async fn main() {
     let (cfg, ruleset) = init();
 
     let (tx, rx) = mpsc::channel();
+    let rotator_cfg = cfg.clone();
     match thread::Builder::new()
-        .name("FIM_Rotator".to_string()).spawn(|| rotator::rotator(cfg)){
+        .name("FIM_Rotator".to_string()).spawn(|| rotator::rotator(rotator_cfg)){
         Ok(_v) => info!("FIM rotator thread started."),
         Err(e) => error!("Could not start FIM rotator thread, error: {}", e)
     };