diff --git a/testing/btest/Baseline/scripts.base.frameworks.input.sqlite.error/cmpfile b/testing/btest/Baseline/scripts.base.frameworks.input.sqlite.error/cmpfile
new file mode 100644
index 0000000000..adea6b6a0d
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.frameworks.input.sqlite.error/cmpfile
@@ -0,0 +1,6 @@
+>>>
+error: ../ssh/Input::READER_SQLITE: Init failed
+error: ../ssh/Input::READER_SQLITE: Required field vh not found after SQLite statement
+error: ../ssh/Input::READER_SQLITE: SQLite call failed: no such column: g
+error: ../ssh/Input::READER_SQLITE: terminating thread
+received termination signal
diff --git a/testing/btest/Baseline/scripts.base.frameworks.logging.sqlite.error/.stderr b/testing/btest/Baseline/scripts.base.frameworks.logging.sqlite.error/.stderr
new file mode 100644
index 0000000000..96565881d3
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.frameworks.logging.sqlite.error/.stderr
@@ -0,0 +1,3 @@
+ssh/Log::WRITER_SQLITE: dbname configuration option not found. Defaulting to path ssh
+error: ssh/Log::WRITER_SQLITE: SQLite call failed: table ssh has no column named f
+error: ssh/Log::WRITER_SQLITE: terminating thread
diff --git a/testing/btest/scripts/base/frameworks/input/sqlite/basic.bro b/testing/btest/scripts/base/frameworks/input/sqlite/basic.bro
index a484a035de..c416e15fce 100644
--- a/testing/btest/scripts/base/frameworks/input/sqlite/basic.bro
+++ b/testing/btest/scripts/base/frameworks/input/sqlite/basic.bro
@@ -1,3 +1,7 @@
+#
+# @TEST-REQUIRES: has-reader SQLite
+# @TEST-GROUP: sqlite
+#
 # @TEST-EXEC: cat conn.sql | sqlite3 conn.sqlite
 # @TEST-EXEC: btest-bg-run bro bro -b %INPUT
 # @TEST-EXEC: btest-bg-wait -k 5
diff --git a/testing/btest/scripts/base/frameworks/input/sqlite/error.bro b/testing/btest/scripts/base/frameworks/input/sqlite/error.bro
new file mode 100644
index 0000000000..b7159aaca8
--- /dev/null
+++ b/testing/btest/scripts/base/frameworks/input/sqlite/error.bro
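Review bot: The added `@TEST-REQUIRES: has-reader SQLite` in basic.bro does not cover the `sqlite3` command-line tool, which the first `@TEST-EXEC` line (`cat conn.sql | sqlite3 conn.sqlite`) needs to build the database. On a host that has the reader compiled in but no `sqlite3` binary, the test would presumably fail rather than be skipped; `# @TEST-REQUIRES: has-reader SQLite && which sqlite3` would guard both. The new input and logging error.bro tests and the input port.bro and types.bro hunks run `sqlite3` the same way without that guard. If the test environment is meant to guarantee the tool, which the removal of `&& which sqlite3` from two logging tests may imply, a comment saying so would help.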
@@ -0,0 +1,98 @@
+# @TEST-EXEC: cat ssh.sql | sqlite3 ssh.sqlite
+#
+# @TEST-GROUP: sqlite
+#
+# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
+# @TEST-EXEC: btest-bg-wait -k 5
+# @TEST-EXEC: sed '1d' .stderr | sort > cmpfile
+# @TEST-EXEC: btest-diff cmpfile
+
+@TEST-START-FILE ssh.sql
+PRAGMA foreign_keys=OFF;
+BEGIN TRANSACTION;
+CREATE TABLE ssh (
+'b' boolean,
+'i' integer,
+'e' text,
+'c' integer,
+'p' integer,
+'sn' text,
+'a' text,
+'d' double precision,
+'t' double precision,
+'iv' double precision,
+'s' text,
+'sc' text,
+'ss' text,
+'se' text,
+'vc' text,
+'vs' text,
+'vn' text
+);
+INSERT INTO "ssh" VALUES(1,-42,'SSH::LOG',21,123,'10.0.0.0/24','1.2.3.4',3.14,1.35837684939385390286e+09,100.0,'hurz','2,4,1,3','CC,AA,BB','(empty)','10,20,30','', null);
+COMMIT;
+@TEST-END-FILE
+
+redef exit_only_after_terminate = T;
+
+module SSH;
+
+export {
+ redef enum Log::ID += { LOG };
+
+ type Log: record {
+ b: bool;
+ i: int;
+ e: Log::ID;
+ c: count;
+ p: port;
+ sn: subnet;
+ a: addr;
+ d: double;
+ t: time;
+ iv: interval;
+ s: string;
+ sc: set[count];
+ ss: set[string];
+ se: set[string];
+ vc: vector of count;
+ vs: vector of string;
+ vh: vector of string &optional;
+ } &log;
+}
+
+
+global outfile: file;
+
+event line(description: Input::EventDescription, tpe: Input::Event, p: SSH::Log)
+ {
+ print outfile, p;
+
+ print outfile, |p$se|;
+ print outfile, |p$vs|;
+ }
+
+event term_me()
+ {
+ terminate();
+ }
+
+event bro_init()
+ {
+ local config_strings: table[string] of string = {
+ ["query"] = "select * from ssh;",
+ ["dbname"] = "ssh"
+ };
+
+ local config_strings2: table[string] of string = {
+ ["query"] = "select b, g, h from ssh;",
+ ["dbname"] = "ssh"
+ };
+
+ outfile = open("../out");
+ Input::add_event([$source="../ssh", $name="ssh", $fields=SSH::Log, $ev=line, $reader=Input::READER_SQLITE, $want_record=T, $config=config_strings]);
+ Input::add_event([$source="../ssh", $name="ssh2", $fields=SSH::Log, $ev=line, $reader=Input::READER_SQLITE,
$want_record=T, $config=config_strings2]);
+
+ schedule +1secs { term_me() };
+
+ }
diff --git a/testing/btest/scripts/base/frameworks/input/sqlite/port.bro b/testing/btest/scripts/base/frameworks/input/sqlite/port.bro
index 39401a8290..2bc931304b 100644
--- a/testing/btest/scripts/base/frameworks/input/sqlite/port.bro
+++ b/testing/btest/scripts/base/frameworks/input/sqlite/port.bro
@@ -1,3 +1,6 @@
+#
+# @TEST-GROUP: sqlite
+#
 # @TEST-EXEC: cat port.sql | sqlite3 port.sqlite
 # @TEST-EXEC: btest-bg-run bro bro -b %INPUT
 # @TEST-EXEC: btest-bg-wait -k 5
diff --git a/testing/btest/scripts/base/frameworks/input/sqlite/types.bro b/testing/btest/scripts/base/frameworks/input/sqlite/types.bro
index a325100964..e9d3534e21 100644
--- a/testing/btest/scripts/base/frameworks/input/sqlite/types.bro
+++ b/testing/btest/scripts/base/frameworks/input/sqlite/types.bro
@@ -1,4 +1,7 @@
 # @TEST-EXEC: cat ssh.sql | sqlite3 ssh.sqlite
+#
+# @TEST-GROUP: sqlite
+#
 # @TEST-EXEC: btest-bg-run bro bro -b %INPUT
 # @TEST-EXEC: btest-bg-wait -k 5
 # @TEST-EXEC: btest-diff out
diff --git a/testing/btest/scripts/base/frameworks/logging/sqlite/error.bro b/testing/btest/scripts/base/frameworks/logging/sqlite/error.bro
new file mode 100644
index 0000000000..27193250a4
--- /dev/null
+++ b/testing/btest/scripts/base/frameworks/logging/sqlite/error.bro
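Review bot: The header of the new input error.bro has `@TEST-GROUP: sqlite` but no `@TEST-REQUIRES` line, although `bro_init` registers two streams with `$reader=Input::READER_SQLITE`. basic.bro gains `# @TEST-REQUIRES: has-reader SQLite` in this same commit; adding the same line here would let a build without the SQLite reader skip the test instead of failing the `cmpfile` diff. The port.bro and types.bro hunks that follow also add only the group line, and no `@TEST-REQUIRES` is visible in their context lines.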
@@ -0,0 +1,106 @@
+#
+# @TEST-REQUIRES: has-writer SQLite
+# @TEST-GROUP: sqlite
+#
+# @TEST-EXEC: cat ssh.sql | sqlite3 ssh.sqlite
+# @TEST-EXEC: bro -b %INPUT
+# @TEST-EXEC: btest-diff .stderr
+#
+# Testing all possible types.
+#
+
+@TEST-START-FILE ssh.sql
+PRAGMA foreign_keys=OFF;
+BEGIN TRANSACTION;
+CREATE TABLE ssh (
+'b' boolean,
+'i' integer,
+'e' text,
+'c' integer,
+'p' integer,
+'sn' text,
+'a' text,
+'d' double precision,
+'t' double precision,
+'iv' double precision,
+'s' text,
+'sc' text,
+'ss' text,
+'se' text,
+'vc' text,
+'ve' text
+);
+INSERT INTO "ssh" VALUES(1,-42,'SSH::LOG',21,123,'10.0.0.0/24','1.2.3.4',3.14,1.36859359634203600879e+09,100.0,'hurz','2,4,1,3','CC,AA,BB','(empty)','10,20,30','(empty)');
+COMMIT;
+@TEST-END-FILE
+
+
+
+redef LogSQLite::unset_field = "(unset)";
+
+module SSH;
+
+export {
+ redef enum Log::ID += { LOG };
+
+ type Log: record {
+ b: bool;
+ i: int;
+ e: Log::ID;
+ c: count;
+ p: port;
+ sn: subnet;
+ a: addr;
+ d: double;
+ t: time;
+ iv: interval;
+ s: string;
+ sc: set[count];
+ ss: set[string];
+ se: set[string];
+ vc: vector of count;
+ ve: vector of string;
+ f: function(i: count) : string;
+ } &log;
+}
+
+function foo(i : count) : string
+ {
+ if ( i > 0 )
+ return "Foo";
+ else
+ return "Bar";
+ }
+
+event bro_init()
+{
+ Log::create_stream(SSH::LOG, [$columns=Log]);
+ Log::remove_filter(SSH::LOG, "default");
+
+ local filter: Log::Filter = [$name="sqlite", $path="ssh", $writer=Log::WRITER_SQLITE];
+ Log::add_filter(SSH::LOG, filter);
+
+ local empty_set: set[string];
+ local empty_vector: vector of string;
+
+ Log::write(SSH::LOG, [
+ $b=T,
+ $i=-42,
+ $e=SSH::LOG,
+ $c=21,
+ $p=123/tcp,
+ $sn=10.0.0.1/24,
+ $a=1.2.3.4,
+ $d=3.14,
+ $t=network_time(),
+ $iv=100secs,
+ $s="hurz",
+ $sc=set(1,2,3,4),
+ $ss=set("AA", "BB", "CC"),
+ $se=empty_set,
+ $vc=vector(10, 20, 30),
+ $ve=empty_vector,
+ $f=foo
+ ]);
+}
+
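Review bot: The header comment `# Testing all possible types.` does not describe what this test checks; it appears to be carried over from the types test. Going by the record definition and the `.stderr` baseline, the case under test is a log record with a field `f` for which the pre-created `ssh` table has no column, so the writer reports `table ssh has no column named f` and terminates its thread. A comment such as `# Test that the SQLite writer reports an error when the existing table lacks a logged column (f).` would state that intent, so that a later change to the baseline is read as a change in error handling rather than in type coverage.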
diff --git a/testing/btest/scripts/base/frameworks/logging/sqlite/types.bro b/testing/btest/scripts/base/frameworks/logging/sqlite/types.bro
index d27717aaaf..a6a1c04b02 100644
--- a/testing/btest/scripts/base/frameworks/logging/sqlite/types.bro
+++ b/testing/btest/scripts/base/frameworks/logging/sqlite/types.bro
@@ -1,5 +1,5 @@
 #
-# @TEST-REQUIRES: has-writer SQLite && which sqlite3
+# @TEST-REQUIRES: has-writer SQLite
 # @TEST-GROUP: sqlite
 #
 # @TEST-EXEC: bro -b %INPUT
diff --git a/testing/btest/scripts/base/frameworks/logging/sqlite/wikipedia.bro b/testing/btest/scripts/base/frameworks/logging/sqlite/wikipedia.bro
index 90ea7b226a..3a7e5ab787 100644
--- a/testing/btest/scripts/base/frameworks/logging/sqlite/wikipedia.bro
+++ b/testing/btest/scripts/base/frameworks/logging/sqlite/wikipedia.bro
@@ -1,5 +1,5 @@
 #
-# @TEST-REQUIRES: has-writer SQLite && which sqlite3
+# @TEST-REQUIRES: has-writer SQLite
 # @TEST-GROUP: sqlite
 #
 # @TEST-EXEC: bro -r $TRACES/wikipedia.trace Log::default_writer=Log::WRITER_SQLITE