From adcc978f14faa1c3a2df555da8ad5ff2c15bf6c8 Mon Sep 17 00:00:00 2001
From: Seth Hall <seth@icir.org>
Date: Wed, 13 Apr 2016 00:44:02 -0400
Subject: [PATCH] Add a file entropy test.

---
 .../scripts.base.files.entropy.basic/.stdout        |  1 +
 testing/btest/scripts/base/files/entropy/basic.test | 13 +++++++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 testing/btest/Baseline/scripts.base.files.entropy.basic/.stdout
 create mode 100644 testing/btest/scripts/base/files/entropy/basic.test

diff --git a/testing/btest/Baseline/scripts.base.files.entropy.basic/.stdout b/testing/btest/Baseline/scripts.base.files.entropy.basic/.stdout
new file mode 100644
index 0000000000..0682a357e8
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.files.entropy.basic/.stdout
@@ -0,0 +1 @@
+[entropy=4.950189, chi_square=63750.814665, mean=80.496493, monte_carlo_pi=4.0, serial_correlation=0.395907]
diff --git a/testing/btest/scripts/base/files/entropy/basic.test b/testing/btest/scripts/base/files/entropy/basic.test
new file mode 100644
index 0000000000..2b867eb8cb
--- /dev/null
+++ b/testing/btest/scripts/base/files/entropy/basic.test
@@ -0,0 +1,13 @@
+# @TEST-EXEC: bro -r $TRACES/http/get.trace %INPUT
+# @TEST-EXEC: btest-diff .stdout
+
+
+event file_new(f: fa_file)
+	{
+	Files::add_analyzer(f, Files::ANALYZER_ENTROPY);
+	}
+
+event file_entropy(f: fa_file, ent: entropy_test_result)
+	{
+	print ent;
+	}
\ No newline at end of file