Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 10:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote branch 'origin/master' into topic/bernhard/hyperloglog

Browse source 
Conflicts:
	src/3rdparty
This commit is contained in:
Bernhard Amann 2013-08-26 12:53:13 -07:00
commit 74f96d22ef
232 changed files with 9163 additions and 148274 deletions
Download patch file Download diff file Expand all files Collapse all files

4
testing/btest/scripts/base/frameworks/input/basic.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;
@ -50,13 +50,13 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
print outfile, to_count(servers[-42]$ns); # try to actually use a string. If null-termination is wrong this will fail.
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/bignumber.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;
@ -31,12 +31,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/binary.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;
@ -39,6 +39,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, a: string, b
try = try + 1;
if ( try == 3 )
{
Input::remove("input");
close(outfile);
terminate();
}
@ -49,5 +50,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}

2
testing/btest/scripts/base/frameworks/input/empty-values-hashing.bro
View file

@ -2,7 +2,7 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: sleep 2
# @TEST-EXEC: cp input2.log input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input1.log

4
testing/btest/scripts/base/frameworks/input/emptyvals.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -34,12 +34,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/event.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -39,12 +39,12 @@ event bro_init()
{
outfile = open("../out");
Input::add_event([$source="../input.log", $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, "End-of-data";
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/invalidnumbers.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
# @TEST-EXEC: sed 1d .stderr > .stderrwithoutfirstline
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderrwithoutfirstline
@ -35,11 +35,11 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
terminate();
}

4
testing/btest/scripts/base/frameworks/input/invalidtext.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
# @TEST-EXEC: sed 1d .stderr > .stderrwithoutfirstline
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderrwithoutfirstline
@ -33,11 +33,11 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
terminate();
}

1
testing/btest/scripts/base/frameworks/input/missing-file.bro
View file

@ -23,5 +23,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_event([$source="does-not-exist.dat", $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}

4
testing/btest/scripts/base/frameworks/input/onecolumn-norecord.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -32,12 +32,12 @@ event bro_init()
{
outfile = open("../out");
Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
{
print outfile, servers;
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/onecolumn-record.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -32,12 +32,12 @@ event bro_init()
{
outfile = open("../out");
Input::add_table([$name="input", $source="../input.log", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
{
print outfile, servers;
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/optional.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -42,12 +42,12 @@ event bro_init()
Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=servers,
$pred(typ: Input::Event, left: Idx, right: Val) = { right$notb = !right$b; return T; }
]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
{
print outfile, servers;
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/port.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -37,7 +37,6 @@ event bro_init()
print outfile, servers[1.2.3.5];
if ( 1.2.3.6 in servers )
print outfile, servers[1.2.3.6];
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
@ -45,6 +44,7 @@ event Input::end_of_data(name: string, source: string)
print outfile, servers[1.2.3.4];
print outfile, servers[1.2.3.5];
print outfile, servers[1.2.3.6];
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/predicate-stream.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
#
# only difference from predicate.bro is, that this one uses a stream source.
@ -59,6 +59,7 @@ event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, r
print outfile, "VALID";
if ( 7 in servers )
print outfile, "VALID";
Input::remove("input");
close(outfile);
terminate();
}
@ -71,6 +72,5 @@ event bro_init()
Input::add_table([$source="../input.log", $mode=Input::STREAM, $name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F, $ev=line,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]);
Input::remove("input");
}

4
testing/btest/scripts/base/frameworks/input/predicate.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -41,7 +41,6 @@ event bro_init()
Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=servers, $want_record=F,
$pred(typ: Input::Event, left: Idx, right: bool) = { return right; }
]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
@ -60,6 +59,7 @@ event Input::end_of_data(name: string, source: string)
print outfile, "VALID";
if ( 7 in servers )
print outfile, "VALID";
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/predicatemodify.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -45,12 +45,12 @@ event bro_init()
return T;
}
]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
{
print outfile, servers;
Input::remove("input");
close(outfile);
terminate();
}

2
testing/btest/scripts/base/frameworks/input/predicatemodifyandreread.bro
View file

@ -8,7 +8,7 @@
# @TEST-EXEC: cp input4.log input.log
# @TEST-EXEC: sleep 2
# @TEST-EXEC: cp input5.log input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
#

4
testing/btest/scripts/base/frameworks/input/predicaterefusesecondsamerecord.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
# Ok, this one tests a fun case.
@ -42,12 +42,12 @@ event bro_init()
Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=servers,
$pred(typ: Input::Event, left: Idx, right: Val) = { if ( right$confidence > 90 ) { return T; } return F; }
]);
Input::remove("input");
}
event Input::end_of_data(name: string, source: string)
{
print outfile, servers;
Input::remove("input");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/raw/basic.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -32,6 +32,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string)
try = try + 1;
if ( try == 8 )
{
Input::remove("input");
close(outfile);
terminate();
}
@ -42,5 +43,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}

4
testing/btest/scripts/base/frameworks/input/raw/execute.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: cat out.tmp | sed 's/^ *//g' >out
# @TEST-EXEC: btest-diff out
@ -27,6 +27,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string)
print outfile, description;
print outfile, tpe;
print outfile, s;
Input::remove("input");
close(outfile);
terminate();
}
@ -35,5 +36,4 @@ event bro_init()
{
outfile = open("../out.tmp");
Input::add_event([$source="wc -l ../input.log |", $reader=Input::READER_RAW, $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}

57
testing/btest/scripts/base/frameworks/input/raw/executestdin.bro
View file

@ -1,13 +1,19 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 15
# @TEST-EXEC: btest-diff test.txt
# @TEST-EXEC: btest-diff out
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
redef exit_only_after_terminate = T;
@load base/frameworks/communication # let network-time run. otherwise there are no heartbeats...
global outfile: file;
global try: count;
global processes_finished: count = 0;
global n: count = 0;
global total_processes: count = 0;
global config_strings: table[string] of string = {
["stdin"] = "hello\nthere\1\2\3\4\5\1\2\3yay"
};
module A;
@ -17,27 +23,46 @@ type Val: record {
event line(description: Input::EventDescription, tpe: Input::Event, s: string)
{
print outfile, description;
print outfile, tpe;
print outfile, tpe, description$source, description$name;
print outfile, s;
try = try + 1;
if ( try == 2 )
}
event InputRaw::process_finished(name: string, source:string, exit_code:count, signal_exit:bool)
{
print "process_finished", name, source;
Input::remove(name);
++processes_finished;
if ( processes_finished == total_processes )
{
Input::remove("input2");
close(outfile);
terminate();
}
}
function more_input(name_prefix: string)
{
local name = fmt("%s%d", name_prefix, n);
config_strings["stdin"] += fmt("%d", n);
++n;
++total_processes;
Input::add_event([$source="cat |",
$reader=Input::READER_RAW, $mode=Input::STREAM,
$name=name, $fields=Val, $ev=line, $want_record=F,
$config=config_strings]);
}
event bro_init()
{
local config_strings: table[string] of string = {
["stdin"] = "hello\nthere\1\2\3\4\5\1\2\3yay"
#["stdin"] = "yay"
};
try = 0;
outfile = open("../out");
Input::add_event([$source="cat > ../test.txt |", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F, $config=config_strings]);
Input::add_event([$source="cat |", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input2", $fields=Val, $ev=line, $want_record=F, $config=config_strings]);
++total_processes;
Input::add_event([$source="cat > ../test.txt |",
$reader=Input::READER_RAW, $mode=Input::STREAM,
$name="input", $fields=Val, $ev=line, $want_record=F,
$config=config_strings]);
more_input("input");
more_input("input");
more_input("input");
more_input("input");
more_input("input");
}

2
testing/btest/scripts/base/frameworks/input/raw/executestream.bro
View file

@ -4,7 +4,7 @@
# @TEST-EXEC: cat input2.log >> input.log
# @TEST-EXEC: sleep 3
# @TEST-EXEC: cat input3.log >> input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;

4
testing/btest/scripts/base/frameworks/input/raw/long.bro
View file

@ -1,6 +1,6 @@
# @TEST-EXEC: dd if=/dev/zero of=input.log bs=8193 count=1
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
#
# this test should be longer than one block-size. to test behavior of input-reader if it has to re-allocate stuff.
@ -23,6 +23,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string)
try = try + 1;
if ( try == 1 )
{
Input::remove("input");
close(outfile);
terminate();
}
@ -33,5 +34,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::STREAM, $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::remove("input");
}

4
testing/btest/scripts/base/frameworks/input/raw/rereadraw.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -32,6 +32,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string)
try = try + 1;
if ( try == 16 )
{
Input::remove("input");
close(outfile);
terminate();
}
@ -43,5 +44,4 @@ event bro_init()
outfile = open("../out");
Input::add_event([$source="../input.log", $reader=Input::READER_RAW, $mode=Input::REREAD, $name="input", $fields=Val, $ev=line, $want_record=F]);
Input::force_update("input");
Input::remove("input");
}

15
testing/btest/scripts/base/frameworks/input/raw/stderr.bro
View file

@ -1,8 +1,9 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;
@load base/frameworks/communication # let network-time run. otherwise there are no heartbeats...
type Val: record {
s: string;
@ -37,12 +38,15 @@ event line(description: Input::EventDescription, tpe: Input::Event, s: string, i
}
}
global n = 0;
event Input::end_of_data(name: string, source:string)
{
print outfile, "End of Data event";
print outfile, name;
terminate(); # due to the current design, end_of_data will be called after process_finshed and all line events.
# this could potentially change
++n;
if ( n == 2 )
terminate();
}
event InputRaw::process_finished(name: string, source:string, exit_code:count, signal_exit:bool)
@ -51,6 +55,9 @@ event InputRaw::process_finished(name: string, source:string, exit_code:count, s
print outfile, name;
if ( exit_code != 0 )
print outfile, "Exit code != 0";
++n;
if ( n == 2 )
terminate();
}
event bro_init()
@ -62,5 +69,5 @@ event bro_init()
outfile = open("../out");
try = 0;
Input::add_event([$source="ls .. ../nonexistant ../nonexistant2 ../nonexistant3 |", $reader=Input::READER_RAW, $name="input", $fields=Val, $ev=line, $want_record=F, $config=config_strings]);
Input::add_event([$source="ls .. ../nonexistant ../nonexistant2 ../nonexistant3 |", $reader=Input::READER_RAW, $name="input", $fields=Val, $ev=line, $want_record=F, $config=config_strings, $mode=Input::STREAM]);
}

2
testing/btest/scripts/base/frameworks/input/raw/streamraw.bro
View file

@ -4,7 +4,7 @@
# @TEST-EXEC: cat input2.log >> input.log
# @TEST-EXEC: sleep 3
# @TEST-EXEC: cat input3.log >> input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
redef exit_only_after_terminate = T;

6
testing/btest/scripts/base/frameworks/input/repeat.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
@TEST-START-FILE input.log
@ -36,10 +36,7 @@ event bro_init()
try = 0;
outfile = open("../out");
for ( i in one_to_32 )
{
Input::add_table([$source="../input.log", $name=fmt("input%d", i), $idx=Idx, $val=Val, $destination=destination, $want_record=F]);
Input::remove(fmt("input%d", i));
}
}
event Input::end_of_data(name: string, source: string)
@ -47,6 +44,7 @@ event Input::end_of_data(name: string, source: string)
print outfile, name;
print outfile, source;
print outfile, destination;
Input::remove(name);
try = try + 1;
if ( try == 32 )
{

2
testing/btest/scripts/base/frameworks/input/reread.bro
View file

@ -8,7 +8,7 @@
# @TEST-EXEC: cp input4.log input.log
# @TEST-EXEC: sleep 2
# @TEST-EXEC: cp input5.log input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input1.log

4
testing/btest/scripts/base/frameworks/input/set.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
@TEST-START-FILE input.log
@ -32,12 +32,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/setseparator.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
@TEST-START-FILE input.log
@ -32,12 +32,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/setspecialcases.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
@TEST-START-FILE input.log
@ -36,12 +36,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

2
testing/btest/scripts/base/frameworks/input/sqlite/basic.bro
View file

@ -3,7 +3,7 @@
#
# @TEST-EXEC: cat conn.sql | sqlite3 conn.sqlite
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE conn.sql

4
testing/btest/scripts/base/frameworks/input/sqlite/error.bro
View file

@ -3,7 +3,7 @@
# @TEST-GROUP: sqlite
#
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: sed '1d' .stderr | sort > cmpfile
# @TEST-EXEC: btest-diff cmpfile
@ -93,6 +93,6 @@ event bro_init()
Input::add_event([$source="../ssh", $name="ssh", $fields=SSH::Log, $ev=line, $reader=Input::READER_SQLITE, $want_record=T, $config=config_strings]);
Input::add_event([$source="../ssh", $name="ssh2", $fields=SSH::Log, $ev=line, $reader=Input::READER_SQLITE, $want_record=T, $config=config_strings2]);
schedule +1secs { term_me() };
schedule +3secs { term_me() };
}

2
testing/btest/scripts/base/frameworks/input/sqlite/port.bro
View file

@ -3,7 +3,7 @@
#
# @TEST-EXEC: cat port.sql | sqlite3 port.sqlite
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE port.sql

2
testing/btest/scripts/base/frameworks/input/sqlite/types.bro
View file

@ -3,7 +3,7 @@
# @TEST-GROUP: sqlite
#
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE ssh.sql

2
testing/btest/scripts/base/frameworks/input/stream.bro
View file

@ -4,7 +4,7 @@
# @TEST-EXEC: cat input2.log >> input.log
# @TEST-EXEC: sleep 3
# @TEST-EXEC: cat input3.log >> input.log
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input1.log

4
testing/btest/scripts/base/frameworks/input/subrecord-event.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -58,6 +58,7 @@ event line(description: Input::EventDescription, tpe: Input::Event, value: Val)
try = try + 1;
if ( try == 1 )
{
Input::remove("ssh");
close(outfile);
terminate();
}
@ -68,5 +69,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_event([$source="../input.log", $name="ssh", $fields=Val, $ev=line, $want_record=T]);
Input::remove("ssh");
}

4
testing/btest/scripts/base/frameworks/input/subrecord.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -56,12 +56,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}

4
testing/btest/scripts/base/frameworks/input/tableevent.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -41,6 +41,7 @@ event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, r
try = try + 1;
if ( try == 7 )
{
Input::remove("input");
close(outfile);
terminate();
}
@ -51,5 +52,4 @@ event bro_init()
try = 0;
outfile = open("../out");
Input::add_table([$source="../input.log", $name="input", $idx=Idx, $val=Val, $destination=destination, $want_record=F,$ev=line]);
Input::remove("input");
}

2
testing/btest/scripts/base/frameworks/input/twotables.bro
View file

@ -2,7 +2,7 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: sleep 5
# @TEST-EXEC: cp input3.log input.log
# @TEST-EXEC: btest-bg-wait -k 10
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff event.out
# @TEST-EXEC: btest-diff pred1.out
# @TEST-EXEC: btest-diff pred2.out

4
testing/btest/scripts/base/frameworks/input/unsupported_types.bro
View file

@ -1,5 +1,5 @@
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
# @TEST-EXEC: btest-bg-wait -k 5
# @TEST-EXEC: btest-bg-wait 10
# @TEST-EXEC: btest-diff out
@TEST-START-FILE input.log
@ -50,12 +50,12 @@ event bro_init()
outfile = open("../out");
# first read in the old stuff into the table...
Input::add_table([$source="../input.log", $name="ssh", $idx=Idx, $val=Val, $destination=servers]);
Input::remove("ssh");
}
event Input::end_of_data(name: string, source:string)
{
print outfile, servers;
Input::remove("ssh");
close(outfile);
terminate();
}