Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Updated tests; removed net type from type conversion code.

Browse source
This commit is contained in:
Gilbert Clark gc355804@ohio.edu 2011-08-30 11:40:50 -07:00
parent 5b6329577f
commit 728c0b5b35
7 changed files with 26 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

2
src/LogWriterAscii.cc
View file

@ -54,8 +54,6 @@ static string _GetBroTypeString(const LogField *field)
return "double"; return "double";
case TYPE_SUBNET: case TYPE_SUBNET:
return "subnet"; return "subnet";
case TYPE_NET:
return "net";
case TYPE_ADDR: case TYPE_ADDR:
return "addr"; return "addr";
case TYPE_ENUM: case TYPE_ENUM:

6
testing/btest/Baseline/core.print-bpf-filters-ipv4/conn.log
View file

@ -1,5 +1,5 @@
# separator \x09 # separator \x09
# fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history # fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes
# types time string addr port addr port enum string interval count count string bool count string # types time string addr port addr port enum string interval count count string bool count string count count count count
# path conn # path conn
1128727435.450898 UWkUyAuUGXf 141.42.64.125 56730 125.190.109.199 80 tcp http 1.73330307006836 98 9417 SF - 0 ShADdFaf 1128727435.450898 UWkUyAuUGXf 141.42.64.125 56730 125.190.109.199 80 tcp http 1.73330307006836 98 9417 SF - 0 ShADdFaf 12 710 10 9945

10
testing/btest/Baseline/core.vlan-mpls/conn.log
View file

@ -1,7 +1,7 @@
# separator \x09 # separator \x09
# fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history # fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p proto service duration orig_bytes resp_bytes conn_state local_orig missed_bytes history orig_pkts orig_ip_bytes resp_pkts resp_ip_bytes
# types time string addr port addr port enum string interval count count string bool count string # types time string addr port addr port enum string interval count count string bool count string count count count count
# path conn # path conn
952109346.874907 UWkUyAuUGXf 10.1.2.1 11001 10.34.0.1 23 tcp - 2.10255992412567 25 0 SH - 0 - 952109346.874907 UWkUyAuUGXf 10.1.2.1 11001 10.34.0.1 23 tcp - 2.10255992412567 25 0 SH - 0 - 11 280 0 0
1128727435.450898 56gKBmhBBB6 141.42.64.125 56730 125.190.109.199 80 tcp http 1.73330307006836 98 9417 SF - 0 ShADdFaf 1128727435.450898 56gKBmhBBB6 141.42.64.125 56730 125.190.109.199 80 tcp http 1.73330307006836 98 9417 SF - 0 ShADdFaf 12 710 10 9945
1278600802.069419 50da4BEzauh 10.20.80.1 50343 10.0.0.15 80 tcp - 0.00415205955505371 9 3429 SF - 0 ShADadfF 1278600802.069419 50da4BEzauh 10.20.80.1 50343 10.0.0.15 80 tcp - 0.00415205955505371 9 3429 SF - 0 ShADadfF 7 361 7 3801

7
testing/btest/Baseline/scripts.base.frameworks.logging.remote-types/receiver.test.log
View file

@ -1,2 +1,5 @@
# b i e c p sn a d t iv s sc ss se vc ve # separator \x09
T -42 Test::TEST 21 123 10.0.0.0/24 1.2.3.4 3.14 1313623666.027768 100.0 hurz 2,4,1,3 CC,AA,BB EMPTY 10,20,30 EMPTY # fields b i e c p sn a d t iv s sc ss se vc ve
# types bool int enum count port subnet addr double time interval string table table table vector vector
# path test
T -42 Test::TEST 21 123 10.0.0.0/24 1.2.3.4 3.14 1314729588.035807 100.0 hurz 2,4,1,3 CC,AA,BB EMPTY 10,20,30 EMPTY

BIN
testing/btest/Baseline/scripts.base.frameworks.logging.types/ssh.log
View file

Binary file not shown.

11
testing/btest/Baseline/scripts.base.frameworks.metrics.basic/metrics.log
View file

@ -1,4 +1,7 @@
# ts metric_id filter_name index.host index.str index.network value # separator \x09
1313430544.678529 TEST_METRIC foo-bar 6.5.4.3 - - 2 # fields ts metric_id filter_name index.host index.str index.network value
1313430544.678529 TEST_METRIC foo-bar 1.2.3.4 - - 3 # types time enum string addr string subnet count
1313430544.678529 TEST_METRIC foo-bar 7.2.1.5 - - 1 # path metrics
1314729506.922865 TEST_METRIC foo-bar 6.5.4.3 - - 2
1314729506.922865 TEST_METRIC foo-bar 1.2.3.4 - - 3
1314729506.922865 TEST_METRIC foo-bar 7.2.1.5 - - 1

9
testing/btest/Baseline/scripts.base.frameworks.metrics.notice/notice.log
View file

@ -1,3 +1,6 @@
# ts uid id.orig_h id.orig_p id.resp_h id.resp_p note msg sub src dst p n peer_descr actions policy_items dropped remote_location.country_code remote_location.region remote_location.city remote_location.latitude remote_location.longitude metric_index.host metric_index.str metric_index.network # separator \x09
1313685819.326521 - - - - - Test_Notice Threshold crossed by metric_index(host=1.2.3.4) 3/2 - 1.2.3.4 - - 3 bro Notice::ACTION_LOG 4 - - - - - - 1.2.3.4 - - # fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p note msg sub src dst p n peer_descr actions policy_items dropped remote_location.country_code remote_location.region remote_location.city remote_location.latitude remote_location.longitude metric_index.host metric_index.str metric_index.network
1313685819.326521 - - - - - Test_Notice Threshold crossed by metric_index(host=6.5.4.3) 2/2 - 6.5.4.3 - - 2 bro Notice::ACTION_LOG 4 - - - - - - 6.5.4.3 - - # types time string addr port addr port enum string string addr addr port count string table table bool string string string double double addr string subnet
# path notice
1314729528.972185 - - - - - Test_Notice Threshold crossed by metric_index(host=1.2.3.4) 3/2 - 1.2.3.4 - - 3 bro Notice::ACTION_LOG 4 - - - - - - 1.2.3.4 - -
1314729528.972185 - - - - - Test_Notice Threshold crossed by metric_index(host=6.5.4.3) 2/2 - 6.5.4.3 - - 2 bro Notice::ACTION_LOG 4 - - - - - - 6.5.4.3 - -