Basic cross-referencing UIDs between files, btests, and baselines.

Also includes appropriate btest-rst-cmd directives with titles.
2025-10-09 18:18:19 +00:00 · 2013-05-07 13:33:38 -04:00 · 2013-05-07 13:33:38 -04:00 · 4aa51e7608
commit 4aa51e7608
parent 5734d7fe25
5 changed files with 61 additions and 5 deletions
--- a/testing/btest/Baseline/doc.manual.using_bro_sandbox_02/conn.log
+++ b/testing/btest/Baseline/doc.manual.using_bro_sandbox_02/conn.log
@ -0,0 +1,15 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	conn
+#open	2013-05-07-14-38-27
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	proto	service	duration	orig_bytes	resp_bytes	conn_state	local_orig	missed_bytes	history	orig_pkts	orig_ip_bytes	resp_pkts	resp_ip_bytes	tunnel_parents
+#types	time	string	addr	port	addr	port	enum	string	interval	count	count	string	bool	count	string	count	count	count	count	table[string]
+1320329757.771503	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	tcp	http	15.161537	2899	1127	S2	-	0	ShADadF	20	3719	19	1891	(empty)
+1320329757.771262	nQcgTWjvg4c	10.0.2.15	49285	192.150.187.43	80	tcp	http	15.161772	889	377	S2	-	0	ShADadF	8	1229	8	701	(empty)
+1320329757.761327	arKYeMETxOg	10.0.2.15	49283	192.150.187.43	80	tcp	http	15.168898	459	189	S2	-	0	ShADadF	5	679	4	353	(empty)
+1320329757.458867	UWkUyAuUGXf	10.0.2.15	49282	192.150.187.43	80	tcp	http	15.471378	1824	751	S2	-	0	ShADadF	12	2324	13	1275	(empty)
+1320329757.761638	k6kgXLOoSKl	10.0.2.15	49284	192.150.187.43	80	tcp	http	15.168613	898	376	S2	-	0	ShADadF	8	1238	8	700	(empty)
+1320329757.771755	TEfuqmmG4bh	10.0.2.15	49287	192.150.187.43	80	tcp	http	15.161267	900	376	S2	-	0	ShADadF	8	1240	8	700	(empty)
+#close	2013-05-07-14-38-27
--- a/testing/btest/Baseline/doc.manual.using_bro_sandbox_02/http.log
+++ b/testing/btest/Baseline/doc.manual.using_bro_sandbox_02/http.log
@ -0,0 +1,26 @@
+#separator \x09
+#set_separator	,
+#empty_field	(empty)
+#unset_field	-
+#path	http
+#open	2013-05-07-14-38-27
+#fields	ts	uid	id.orig_h	id.orig_p	id.resp_h	id.resp_p	trans_depth	method	host	uri	referrer	user_agent	request_body_len	response_body_len	status_code	status_msg	info_code	info_msg	filename	tags	username	password	proxied	mime_type	md5	extraction_file
+#types	time	string	addr	port	addr	port	count	string	string	string	string	string	count	count	count	string	count	string	string	table[enum]	string	string	table[string]	string	string	file
+1320329757.460004	UWkUyAuUGXf	10.0.2.15	49282	192.150.187.43	80	1	GET	bro-ids.org	/	-	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.772457	UWkUyAuUGXf	10.0.2.15	49282	192.150.187.43	80	2	GET	bro-ids.org	/css/pygments.css	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.874406	UWkUyAuUGXf	10.0.2.15	49282	192.150.187.43	80	3	GET	bro-ids.org	/js/jquery.zrssfeed.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.775110	k6kgXLOoSKl	10.0.2.15	49284	192.150.187.43	80	1	GET	bro-ids.org	/css/960.css	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.776072	TEfuqmmG4bh	10.0.2.15	49287	192.150.187.43	80	1	GET	bro-ids.org	/js/jquery.cycle.all.min.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.776421	nQcgTWjvg4c	10.0.2.15	49285	192.150.187.43	80	1	GET	bro-ids.org	/js/jquery.tweet.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.776240	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	1	GET	bro-ids.org	/js/jquery.fancybox-1.3.4.pack.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.775251	arKYeMETxOg	10.0.2.15	49283	192.150.187.43	80	1	GET	bro-ids.org	/css/bro-ids.css	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.975651	UWkUyAuUGXf	10.0.2.15	49282	192.150.187.43	80	4	GET	bro-ids.org	/js/jquery.tableofcontents.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.979943	k6kgXLOoSKl	10.0.2.15	49284	192.150.187.43	80	2	GET	bro-ids.org	/js/superfish.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.985656	TEfuqmmG4bh	10.0.2.15	49287	192.150.187.43	80	2	GET	bro-ids.org	/js/hoverIntent.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.989904	nQcgTWjvg4c	10.0.2.15	49285	192.150.187.43	80	2	GET	bro-ids.org	/js/general.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329757.991315	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	2	GET	bro-ids.org	/js/jquery.collapse.js	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329758.172397	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	3	GET	bro-ids.org	/css/print.css	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329759.998388	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	4	GET	bro-ids.org	/documentation/index.html	http://bro-ids.org/	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329760.146412	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	5	GET	bro-ids.org	/js/breadcrumbs.js	http://bro-ids.org/documentation/index.html	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+1320329762.971726	j4u32Pc5bif	10.0.2.15	49286	192.150.187.43	80	6	GET	bro-ids.org	/documentation/reporting-problems.html	http://bro-ids.org/documentation/index.html	Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.2 (KHTML, like Gecko) Chrome/15.0.874.106 Safari/535.2	0	0	304	Not Modified	-	-	-	(empty)	-	-	-	-	-	-
+#close	2013-05-07-14-38-27
--- a/testing/btest/Traces/workshop_2011_browse.trace
+++ b/testing/btest/Traces/workshop_2011_browse.trace
--- a/testing/btest/doc/manual/using_bro_sandbox_02
+++ b/testing/btest/doc/manual/using_bro_sandbox_02
@ -0,0 +1,4 @@
+# @TEST-EXEC: bro -r ${TRACES}/workshop_2011_browse.trace
+# @TEST-EXEC: btest-diff conn.log
+# @TEST-EXEC: btest-diff http.log
+