Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 18:18:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge remote-tracking branch 'origin/master' into topic/seth/log-framework-ext

Browse source
This commit is contained in:
Seth Hall 2016-08-10 10:28:04 -04:00
commit a60ce35103
885 changed files with 141119 additions and 120109 deletions
Download patch file Download diff file Expand all files Collapse all files

29
testing/btest/scripts/base/frameworks/logging/ascii-double.bro Normal file
View file

@ -0,0 +1,29 @@
#
# @TEST-EXEC: bro -b %INPUT
# @TEST-EXEC: btest-diff test.log
#
# Make sure we do not write out scientific notation for doubles.
module Test;
export {
redef enum Log::ID += { LOG };
type Info: record {
d: double &log;
};
}
event bro_init()
{
Log::create_stream(Test::LOG, [$columns=Info]);
Log::write(Test::LOG, [$d=2153226000.0]);
Log::write(Test::LOG, [$d=2153226000.1]);
Log::write(Test::LOG, [$d=2153226000.123456789]);
Log::write(Test::LOG, [$d=1.0]);
Log::write(Test::LOG, [$d=1.1]);
Log::write(Test::LOG, [$d=1.123456789]);
Log::write(Test::LOG, [$d=1.1234]);
Log::write(Test::LOG, [$d=3.14e15]);
}

24
testing/btest/scripts/base/frameworks/logging/ascii-escape-empty-str.bro Normal file
View file

@ -0,0 +1,24 @@
#
# @TEST-EXEC: bro -b %INPUT
# @TEST-EXEC: btest-diff test.log
redef LogAscii::empty_field = "EMPTY";
module test;
export {
redef enum Log::ID += { LOG };
type Log: record {
ss: set[string];
} &log;
}
event bro_init()
{
Log::create_stream(test::LOG, [$columns=Log]);
Log::write(test::LOG, [
$ss=set("EMPTY")
]);
}

90
testing/btest/scripts/base/frameworks/logging/sqlite/simultaneous-writes.bro Normal file
View file

@ -0,0 +1,90 @@
# Test simultaneous writes to the same database file.
#
# @TEST-REQUIRES: which sqlite3
# @TEST-REQUIRES: has-writer Bro::SQLiteWriter
# @TEST-GROUP: sqlite
#
# @TEST-EXEC: bro -b %INPUT
# @TEST-EXEC: sqlite3 ssh.sqlite 'select * from ssh' > ssh.select
# @TEST-EXEC: sqlite3 ssh.sqlite 'select * from sshtwo' >> ssh.select
# @TEST-EXEC: btest-diff ssh.select
#
# Testing all possible types.
redef LogSQLite::unset_field = "(unset)";
module SSH;
export {
redef enum Log::ID += { LOG, LOG2 };
type Log: record {
b: bool;
i: int;
e: Log::ID;
c: count;
p: port;
sn: subnet;
a: addr;
d: double;
t: time;
iv: interval;
s: string;
sc: set[count];
ss: set[string];
se: set[string];
vc: vector of count;
ve: vector of string;
f: function(i: count) : string;
} &log;
}
function foo(i : count) : string
{
if ( i > 0 )
return "Foo";
else
return "Bar";
}
event bro_init()
{
Log::create_stream(SSH::LOG, [$columns=Log]);
Log::create_stream(SSH::LOG2, [$columns=Log]);
Log::remove_filter(SSH::LOG, "default");
Log::remove_filter(SSH::LOG2, "default");
local filter: Log::Filter = [$name="sqlite", $path="ssh", $config=table(["tablename"] = "ssh"), $writer=Log::WRITER_SQLITE];
Log::add_filter(SSH::LOG, filter);
local filter2 = copy(filter);
filter2$name = "sqlite2";
filter2$config = table(["tablename"] = "sshtwo");
Log::add_filter(SSH::LOG2, filter2);
local empty_set: set[string];
local empty_vector: vector of string;
local out = [
$b=T,
$i=-42,
$e=SSH::LOG,
$c=21,
$p=123/tcp,
$sn=10.0.0.1/24,
$a=1.2.3.4,
$d=3.14,
$t=network_time(),
$iv=100secs,
$s="hurz",
$sc=set(1,2,3,4),
$ss=set("AA", "BB", "CC"),
$se=empty_set,
$vc=vector(10, 20, 30),
$ve=empty_vector,
$f=foo
];
Log::write(SSH::LOG, out);
Log::write(SSH::LOG2, out);
}