golikovichev/secure-log2test

Turn a Kibana JSON log export into a runnable pytest suite using the secure-log2test CLI. Use when the user has a Kibana or Elasticsearch JSON export of API traffic and wants a regression suite from production logs, when extracting test cases from staging traffic, when scrubbing auth headers or secret-looking body fields before logs leave the laptop, when bridging Kibana-captured requests into a pytest-based suite for CI, when the user mentions Kibana logs, Elasticsearch JSON export, log-to-test conversion, log replay tests, auth header redaction, PII in logs, or regression tests from production traffic.

1.00x

Quality

100%

Does it follow best practices?

Impact

93%

1.00x

Average score across 2 eval scenarios

Securityby

Passed

No known issues

API Traffic Log Migration: Build a Regression Suite from Kibana Export

Name: golikovichev/secure-log2test
Rating: 92.68 (1 reviews)
Author: golikovichev

Problem Description

Your team recently migrated a customer-facing REST API service to a new infrastructure provider. Before cutting production traffic over to the new environment, the QA lead wants a regression suite that replays the exact requests captured in staging — covering authentication flows, webhook registration, and session management — so the new deployment can be validated endpoint by endpoint.

A Kibana JSON export of recent API traffic has been pulled from Elasticsearch and provided inline below. The file contains five captured requests from staging, including login attempts, profile lookups, webhook setup calls, token refreshes, and session teardowns. Several requests carry authorization headers and sensitive body fields that must not appear verbatim in the committed test suite.

Your job is to convert this export into a runnable pytest module using the secure-log2test CLI tool (install it via pip). Name the output file tests_generated.py.

Output Specification

Produce the following files in your working directory:

tests_generated.py — the generated pytest suite converted from the inline input below
validation_report.txt — a plain-text report containing the results of the following checks you ran after generating the suite:
- The count of test functions in tests_generated.py (show the command and its output)
- A search for any plaintext Authorization or x-api-key Bearer token values that may have leaked into the generated file (show the command and its output)
- The result of syntax-checking the generated module with python -m py_compile (show the command and whether it passed or failed)

Do not run the generated tests against a live server — just generate the suite and validate it as described above.

Provided input file: `api_traffic_export.json`

The export referenced above is provided inline here (no separate file is shipped):

{
  "hits": {
    "total": { "value": 5, "relation": "eq" },
    "hits": [
      {
        "_index": "kibana-api-logs-2024.01",
        "_id": "1",
        "_source": {
          "method": "POST",
          "url": "/api/v2/auth/login",
          "status": 200,
          "duration": 142,
          "headers": {
            "Content-Type": "application/json",
            "User-Agent": "MyApp/2.3.1"
          },
          "body": {
            "username": "alice@example.com",
            "password": "S3cur3P@ssw0rd!",
            "client_secret": "oauth_secret_abc123"
          }
        }
      },
      {
        "_index": "kibana-api-logs-2024.01",
        "_id": "2",
        "_source": {
          "method": "GET",
          "url": "/api/v2/users/profile?access_token=eyJhbGciOiJSUzI1NiJ9.payload.sig&lang=en",
          "status": 200,
          "duration": 89,
          "headers": {
            "Authorization": "Bearer eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyMTIzIn0.signature",
            "Accept": "application/json"
          }
        }
      },
      {
        "_index": "kibana-api-logs-2024.01",
        "_id": "3",
        "_source": {
          "method": "POST",
          "url": "/api/v2/integrations/webhook",
          "status": 201,
          "duration": 234,
          "headers": {
            "x-api-key": "apk_live_7f3b9e2d1c4a8f6e0b5d2a9c3e7f1b4a",
            "Content-Type": "application/json",
            "X-Request-ID": "req-uuid-4567"
          },
          "body": {
            "endpoint": "https://partner.example.com/hooks/receive",
            "event_types": ["order.created", "order.updated"],
            "signing_secret": "whsec_8e5f3b1a9c7d2e6f4b0a3d8e1c5f9b2a"
          }
        }
      },
      {
        "_index": "kibana-api-logs-2024.01",
        "_id": "4",
        "_source": {
          "method": "POST",
          "url": "/oauth2/token",
          "status": 200,
          "duration": 67,
          "headers": {
            "Content-Type": "application/x-www-form-urlencoded",
            "Accept": "application/json"
          },
          "body": {
            "grant_type": "refresh_token",
            "refresh_token": "rt_live_9b2e4f7a1c3d5e8b0f2a4c6e8b0d2f4a",
            "client_id": "app_client_id_public"
          }
        }
      },
      {
        "_index": "kibana-api-logs-2024.01",
        "_id": "5",
        "_source": {
          "method": "DELETE",
          "url": "/api/v2/sessions/current",
          "status": 204,
          "duration": 31,
          "headers": {
            "Authorization": "Bearer rt_live_tokenfordelete123",
            "Content-Type": "application/json"
          }
        }
      }
    ]
  }
}

golikovichev/secure-log2test

task.md.css-3qkkll{font-size:var(--chakra-font-sizes-sm);font-weight:var(--chakra-font-weights-normal);color:var(--chakra-colors-gray-300);}evals/scenario-1/

API Traffic Log Migration: Build a Regression Suite from Kibana Export

Problem Description

Output Specification

Provided input file: api_traffic_export.json

task.mdevals/scenario-1/

Provided input file: `api_traffic_export.json`