Add a test that detects changes in the list of all Bro log files

2025-10-02 14:48:21 +00:00 · 2014-09-26 22:06:56 -05:00 · 2014-09-26 22:06:56 -05:00 · 6dc4863d81
commit 6dc4863d81
parent 16c70a5179
2 changed files with 87 additions and 0 deletions
--- a/testing/btest/Baseline/coverage.find-bro-logs/out
+++ b/testing/btest/Baseline/coverage.find-bro-logs/out
@ -0,0 +1,42 @@
+app_stats
+barnyard2
+capture_loss
+cluster
+communication
+conn
+dhcp
+dnp3
+dns
+dpd
+files
+ftp
+http
+intel
+irc
+known_certs
+known_devices
+known_hosts
+known_modbus
+known_services
+loaded_scripts
+modbus
+modbus_register_change
+notice
+notice_alarm
+packet_filter
+radius
+reporter
+signatures
+smtp
+snmp
+socks
+software
+ssh
+ssl
+stats
+syslog
+traceroute
+tunnel
+unified2
+weird
+x509
--- a/testing/btest/coverage/find-bro-logs.test
+++ b/testing/btest/coverage/find-bro-logs.test
@ -0,0 +1,45 @@
+# This test is intended to help keep Bro's reference documentation up-to-date.
+# If this test fails, then it indicates that the set of all the log filenames
+# that Bro could potentially create (with the scripts included with Bro) has
+# changed.  In that case, the reference documentation listing all Bro log files
+# should be checked and updated if necessary.
+
+# @TEST-EXEC: bash %INPUT
+# @TEST-EXEC: btest-diff out
+
+BROSCRIPTS=${DIST}/scripts
+
+# For a given Bro script, look for a call to "create_stream".  If found,
+# extract the log ID (adding the module name if necessary), and print the
+# log ID and script filename.
+cat << '_EOF_' > find_logid.awk
+/module[ ]+[A-Za-z0-9_]/ {
+    mod = $2
+    if ( substr(mod, length(mod), 1) == ";" ) {
+        mod = substr(mod, 1, length(mod)-1)
+    }
+}
+
+/Log::create_stream/ {
+    if ( substr($1, 1, 1) != "#" ) {
+        x = index($1, "(")
+        logid = substr($1, x+1, length($1)-x-1)
+        if ( logid == "LOG" ) {
+            printf "%s::", mod
+        }
+        printf "%s", logid
+        printf " %s\n", FILENAME
+    }
+}
+_EOF_
+
+find ${BROSCRIPTS} -type f -exec awk -f find_logid.awk {} \; > out.logid
+
+# For each log ID, have Bro convert it to the corresponding log filename
+# using the default mechanism for generating a log filename (we must load
+# all Bro scripts so that all log IDs are defined).
+awk '{print $1}' out.logid | while read logid; do
+    bro ${BROSCRIPTS}/test-all-policy.bro -e "print Log::default_path_func(${logid}, \"\", 0);" >> out.tmp
+done
+
+grep -v WARNING out.tmp | sort -u > out