diff --git a/testing/btest/Baseline/bifs.disable_analyzer-for-conn-2/output b/testing/btest/Baseline/bifs.disable_analyzer-for-conn-2/output
new file mode 100644
index 0000000000..49d861c74c
--- /dev/null
+++ b/testing/btest/Baseline/bifs.disable_analyzer-for-conn-2/output
@@ -0,0 +1 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
diff --git a/testing/btest/Baseline/bifs.disable_analyzer-for-conn-3/output b/testing/btest/Baseline/bifs.disable_analyzer-for-conn-3/output
new file mode 100644
index 0000000000..49d861c74c
--- /dev/null
+++ b/testing/btest/Baseline/bifs.disable_analyzer-for-conn-3/output
@@ -0,0 +1 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
diff --git a/testing/btest/Baseline/bifs.disable_analyzer-for-conn/output b/testing/btest/Baseline/bifs.disable_analyzer-for-conn/output
new file mode 100644
index 0000000000..bb88a2d5b0
--- /dev/null
+++ b/testing/btest/Baseline/bifs.disable_analyzer-for-conn/output
@@ -0,0 +1,3 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+Analyzer::ANALYZER_HTTP
+Analyzer::ANALYZER_HTTP
diff --git a/testing/btest/bifs/disable_analyzer-for-conn.zeek b/testing/btest/bifs/disable_analyzer-for-conn.zeek
new file mode 100644
index 0000000000..18143e9030
--- /dev/null
+++ b/testing/btest/bifs/disable_analyzer-for-conn.zeek
@@ -0,0 +1,51 @@
+# Verifies analyzer ID retrieval from a connection.
+#
+# @TEST-EXEC: zeek -b -r ${TRACES}/ssh/ssh-on-port-80.trace %INPUT >output
+# @TEST-EXEC: btest-diff output
+
+# This first test should trigger two analyzer violations since the given pcap
+# has non-HTTP content on port 80, which triggers one violation each for the
+# missing request and response lines.
+
+@load base/protocols/http
+
+event analyzer_violation_info(atype: AllAnalyzers::Tag, info: AnalyzerViolationInfo)
+ {
+ print atype;
+ }
+
+# @TEST-START-NEXT
+
+# This one should not trigger violations since we suppress HTTP analysis when
+# the TCP connection establishes.
+
+@load base/protocols/http
+
+event analyzer_violation_info(atype: AllAnalyzers::Tag, info: AnalyzerViolationInfo)
+ {
+ print atype;
+ }
+
+event connection_established(c: connection)
+ {
+ local aid = lookup_connection_analyzer_id(c$id, Analyzer::ANALYZER_HTTP);
+ if ( aid > 0 )
+ disable_analyzer(c$id, aid, T, T);
+ }
+
+# @TEST-START-NEXT
+
+# This one validates the return values of analyzer ID lookup calls for valid &
+# invalid connection IDs and analyzers.
+
+@load base/protocols/http
+
+event connection_established(c: connection)
+ {
+ assert lookup_connection_analyzer_id(c$id, Analyzer::ANALYZER_HTTP) != 0;
+
+ local wrong_cid = copy(c$id);
+ wrong_cid$orig_h = 1.2.3.4;
+
+ assert lookup_connection_analyzer_id(wrong_cid, Analyzer::ANALYZER_HTTP) == 0;
+ }
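Review bot: The third test's assertions only run if `connection_established` actually fires for the trace, and its baseline contains nothing but the btest header, so a trace or handshake-parsing change that stops the event from firing would let the test pass vacuously. Emitting a line that reaches the baseline, e.g. `print "connection_established fired";` at the top of that handler, pins down that the assertions were exercised. In the second test, the call `disable_analyzer(c$id, aid, T, T);` passes two bare boolean flags whose meaning is not evident at the call site; a short comment naming them (the first presumably "error if no such connection", the second "prevent the analyzer from being re-added") would help readers, and the bool return of `disable_analyzer` could likewise be asserted rather than dropped.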