diff --git a/testing/btest/Baseline/core.unknown-protocol-log/unknown_protocols.log b/testing/btest/Baseline/core.unknown-protocol-log/unknown_protocols.log
new file mode 100644
index 0000000000..fd78878bea
--- /dev/null
+++ b/testing/btest/Baseline/core.unknown-protocol-log/unknown_protocols.log
@@ -0,0 +1,11 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	unknown_protocols
+#open XXXX-XX-XX-XX-XX-XX
+#fields	ts	analyzer	protocol_id	protocol_id_num	first_bytes	analyzer_history
+#types	time	string	string	count	string	vector[string]
+XXXXXXXXXX.XXXXXX	ETHERNET	0x88cc	35020	02070400222d81db1004	ETHERNET
+#close XXXX-XX-XX-XX-XX-XX
diff --git a/testing/btest/core/unknown-protocol-log.zeek b/testing/btest/core/unknown-protocol-log.zeek
new file mode 100644
index 0000000000..c059e1314c
--- /dev/null
+++ b/testing/btest/core/unknown-protocol-log.zeek
@@ -0,0 +1,6 @@
+# @TEST-EXEC: zeek -b -r $TRACES/lldp.pcap %INPUT
+# @TEST-EXEC: btest-diff unknown_protocols.log
+
+@load misc/unknown-protocols
+
+redef record UnknownProtocol::Info$protocol_id_num += { &log };