Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-12 11:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

BIT-1410: Add btest

Browse source
This commit is contained in:
Vlad Grigorescu 2015-06-01 20:49:04 -05:00
parent 05ea2d43c7
commit 847b16442b
3 changed files with 27 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

12
testing/btest/Baseline/scripts.base.protocols.smtp.attachment/files.log Normal file
View file

@ -0,0 +1,12 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path files
#open 2015-06-02-01-46-30
#fields ts fuid tx_hosts rx_hosts conn_uids source depth analyzers mime_type filename duration local_orig is_orig seen_bytes total_bytes missing_bytes overflow_bytes timedout parent_fuid
#types time string set[addr] set[addr] set[string] string count set[string] string string interval bool bool count count count count bool string
1254722770.692743 Fel9gs4OtNEV6gUJZ5 10.10.1.4 74.53.140.153 CXWv6p3arKYeMETxOg SMTP 3 (empty) text/plain - 0.000000 - T 77 - 0 0 F -
1254722770.692743 Ft4M3f2yMvLlmwtbq9 10.10.1.4 74.53.140.153 CXWv6p3arKYeMETxOg SMTP 4 (empty) text/html - 0.000061 - T 1868 - 0 0 F -
1254722770.692804 FL9Y0d45OI4LpS6fmh 10.10.1.4 74.53.140.153 CXWv6p3arKYeMETxOg SMTP 5 (empty) text/plain NEWS.txt 1.165512 - T 10809 - 0 0 F -
#close 2015-06-02-01-46-31

10
testing/btest/Baseline/scripts.base.protocols.smtp.attachment/smtp.log Normal file
View file

@ -0,0 +1,10 @@
#separator \x09
#set_separator ,
#empty_field (empty)
#unset_field -
#path smtp
#open 2015-06-02-01-46-30
#fields ts uid id.orig_h id.orig_p id.resp_h id.resp_p trans_depth helo mailfrom rcptto date from to reply_to msg_id in_reply_to subject x_originating_ip first_received second_received last_reply path user_agent tls fuids
#types time string addr port addr port count string string set[string] string string set[string] string string string string addr string string string vector[addr] string bool vector[string]
1254722768.219663 CXWv6p3arKYeMETxOg 10.10.1.4 1470 74.53.140.153 25 1 GP <gurpartap@patriots.in> <raj_deol2002in@yahoo.co.in> Mon, 5 Oct 2009 11:36:07 +0530 "Gurpartap Singh" <gurpartap@patriots.in> <raj_deol2002in@yahoo.co.in> - <000301ca4581$ef9e57f0$cedb07d0$@in> - SMTP - - - 250 OK id=1Mugho-0003Dg-Un 74.53.140.153,10.10.1.4 Microsoft Office Outlook 12.0 F Fel9gs4OtNEV6gUJZ5,Ft4M3f2yMvLlmwtbq9,FL9Y0d45OI4LpS6fmh
#close 2015-06-02-01-46-31

5
testing/btest/scripts/base/protocols/smtp/attachment.test Normal file
View file

@ -0,0 +1,5 @@
# @TEST-EXEC: bro -b -r $TRACES/smtp.trace %INPUT
# @TEST-EXEC: btest-diff smtp.log
# @TEST-EXEC: btest-diff files.log
@load base/protocols/smtp