Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-11 02:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

spicy-redis: Begin Spicy Redis analyzer

Browse source
This commit is contained in:
Evan Typanski 2024-09-19 13:55:55 -04:00
parent 897b1546a2
commit 4210e62e57
15 changed files with 383 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
testing/btest/scripts/base/protocols/redis/availability.zeek Normal file
View file

@ -0,0 +1,3 @@
# @TEST-DOC: Check that the RESP analyzer is available.
#
# @TEST-EXEC: zeek -NN | grep -Eqi 'ANALYZER_SPICY_RESP'

11
testing/btest/scripts/base/protocols/redis/standalone.spicy Normal file
View file

@ -0,0 +1,11 @@
# @TEST-DOC: Test parsing behavior of RESP.
#
# @TEST-EXEC: spicyc ${DIST}/analyzer/resp.spicy -j -d -o resp.hlto
#
# TODO: A lot of tests are possible from the docs and having them would be nice.
# But, a lot of characters ($, -, etc.) cause problems with TEST_EXEC. ugh.
# @TEST-EXEC: printf "+OK\x0d\x0a" | spicy-dump -p RESP::Data resp.hlto >>output 2>&1
# @TEST-EXEC: printf ":1000\x0d\x0a" | spicy-dump -p RESP::Data resp.hlto >>output 2>&1
# @TEST-EXEC: printf ":-1000\x0d\x0a" | spicy-dump -p RESP::Data resp.hlto >>output 2>&1
# @TEST-EXEC: printf ":+1000\x0d\x0a" | spicy-dump -p RESP::Data resp.hlto >>output 2>&1
# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output

10
testing/btest/scripts/base/protocols/redis/trace.zeek Normal file
View file

@ -0,0 +1,10 @@
# @TEST-DOC: Test Zeek parsing a trace file through the RESP analyzer.
#
# @TEST-EXEC: zeek -Cr $TRACES/redis/loop-redis.trace base/protocols/redis %INPUT >output
# @TEST-EXEC: btest-diff output
# @TEST-EXEC: btest-diff resp.log
event RESP::data(c: connection, payload: RESP::RESPData)
{
print fmt("Testing RESP: %s", payload);
}