Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 20:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

btest/frameworks/intel: Use generic cluster-layout.zeek

Browse source
This commit is contained in:
Arne Welzel 2025-05-18 16:31:46 +02:00
parent 4dec63936e
commit 00a12a4cc5
12 changed files with 50 additions and 74 deletions
Download patch file Download diff file Expand all files Collapse all files

32
testing/btest/scripts/base/frameworks/intel/read-file-dist-cluster.zeek
View file

@ -1,24 +1,18 @@
# @TEST-PORT: BROKER_PORT1
# @TEST-PORT: BROKER_PORT2
# @TEST-PORT: BROKER_PORT3
# @TEST-PORT: BROKER_MANAGER_PORT
# @TEST-PORT: BROKER_WORKER1_PORT
# @TEST-PORT: BROKER_WORKER2_PORT
#
# @TEST-EXEC: btest-bg-run manager-1 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=manager-1 zeek -b %INPUT
# @TEST-EXEC: btest-bg-run worker-1 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-1 zeek -b %INPUT
# @TEST-EXEC: btest-bg-run worker-2 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-2 zeek -b %INPUT
# @TEST-EXEC: cp $FILES/broker/cluster-layout.zeek .
#
# @TEST-EXEC: btest-bg-run manager ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=manager zeek -b %INPUT
# @TEST-EXEC: btest-bg-run worker-1 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-1 zeek -b %INPUT
# @TEST-EXEC: btest-bg-run worker-2 ZEEKPATH=$ZEEKPATH:.. CLUSTER_NODE=worker-2 zeek -b %INPUT
# @TEST-EXEC: btest-bg-wait 40
# @TEST-EXEC: btest-diff manager-1/.stdout
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-and-sort btest-diff manager-1/intel.log
# @TEST-EXEC: btest-diff manager/.stdout
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-timestamps-and-sort btest-diff manager/intel.log
# @TEST-EXEC: btest-diff worker-1/.stdout
# @TEST-EXEC: btest-diff worker-2/.stdout
# @TEST-START-FILE cluster-layout.zeek
redef Cluster::nodes = {
["manager-1"] = [$node_type=Cluster::MANAGER, $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT1"))],
["worker-1"] = [$node_type=Cluster::WORKER, $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT2")), $manager="manager-1"],
["worker-2"] = [$node_type=Cluster::WORKER, $ip=127.0.0.1, $p=to_port(getenv("BROKER_PORT3")), $manager="manager-1"],
};
# @TEST-END-FILE
# @TEST-START-FILE intel.dat
#fields indicator indicator_type meta.source meta.desc meta.url
1.2.3.4 Intel::ADDR source1 this host is just plain baaad http://some-data-distributor.com/1234
@ -43,7 +37,7 @@ redef enum Intel::Where += {
event do_it()
{
if ( Cluster::node == "manager-1" )
if ( Cluster::node == "manager" )
{
Broker::publish(Cluster::node_topic("worker-2"), do_it);
return;
@ -53,7 +47,7 @@ event do_it()
Intel::seen([$indicator="e@mail.com", $indicator_type=Intel::EMAIL, $where=Intel::IN_A_TEST]);
if ( Cluster::node == "worker-1" )
Broker::publish(Cluster::node_topic("manager-1"), do_it);
Broker::publish(Cluster::node_topic("manager"), do_it);
}
event start_it()
@ -63,7 +57,7 @@ event start_it()
event Cluster::Experimental::cluster_started()
{
if ( Cluster::node == "manager-1" )
if ( Cluster::node == "manager" )
# Give more time for intel distribution.
schedule 1sec { start_it() };
}