Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Add btest for unknown_protocols.log

Browse source
This commit is contained in:
Jan Grashoefer 2024-12-10 14:54:19 +01:00
parent 9228f0ff9f
commit 1805afe5d9
2 changed files with 17 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

11
testing/btest/Baseline/core.unknown-protocol-log/unknown_protocols.log Normal file
View file

@ -0,0 +1,11 @@
### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path unknown_protocols
#open XXXX-XX-XX-XX-XX-XX
#fields ts analyzer protocol_id protocol_id_num first_bytes analyzer_history
#types time string string count string vector[string]
XXXXXXXXXX.XXXXXX ETHERNET 0x88cc 35020 02070400222d81db1004 ETHERNET
#close XXXX-XX-XX-XX-XX-XX

6
testing/btest/core/unknown-protocol-log.zeek Normal file
View file

@ -0,0 +1,6 @@
# @TEST-EXEC: zeek -b -r $TRACES/lldp.pcap %INPUT
# @TEST-EXEC: btest-diff unknown_protocols.log
@load misc/unknown-protocols
redef record UnknownProtocol::Info$protocol_id_num += { &log };