diff --git a/testing/btest/Baseline/scripts.base.frameworks.logging.ascii-logdir/ssh-filtered.log b/testing/btest/Baseline/scripts.base.frameworks.logging.ascii-logdir/ssh-filtered.log
new file mode 100644
index 0000000000..981cb7e1dc
--- /dev/null
+++ b/testing/btest/Baseline/scripts.base.frameworks.logging.ascii-logdir/ssh-filtered.log
@@ -0,0 +1,13 @@
+### BTest baseline data generated by btest-diff. Do not edit. Use "btest -U/-u" to update. Requires BTest >= 0.63.
+PREFIX<>separator |
+PREFIX<>set_separator|,
+PREFIX<>empty_field|EMPTY
+PREFIX<>unset_field|NOT-SET
+PREFIX<>path|ssh
+PREFIX<>fields|t|id.orig_h|id.orig_p|id.resp_h|id.resp_p|status|country|b
+PREFIX<>types|time|addr|port|addr|port|string|string|bool
+XXXXXXXXXX.XXXXXX|1.2.3.4|1234|2.3.4.5|80|success|unknown|NOT-SET
+XXXXXXXXXX.XXXXXX|1.2.3.4|1234|2.3.4.5|80|NOT-SET|US|NOT-SET
+XXXXXXXXXX.XXXXXX|1.2.3.4|1234|2.3.4.5|80|failure|UK|NOT-SET
+XXXXXXXXXX.XXXXXX|1.2.3.4|1234|2.3.4.5|80|NOT-SET|BR|NOT-SET
+XXXXXXXXXX.XXXXXX|1.2.3.4|1234|2.3.4.5|80|failure|EMPTY|T
diff --git a/testing/btest/scripts/base/frameworks/logging/ascii-logdir.zeek b/testing/btest/scripts/base/frameworks/logging/ascii-logdir.zeek
new file mode 100644
index 0000000000..91190980ca
--- /dev/null
+++ b/testing/btest/scripts/base/frameworks/logging/ascii-logdir.zeek
@@ -0,0 +1,39 @@
+#
+# @TEST-EXEC: mkdir logdir
+# @TEST-EXEC: zeek -b %INPUT LogAscii::logdir=logdir
+# @TEST-EXEC: cat logdir/ssh.log | grep -v PREFIX.*20..- >ssh-filtered.log
+# @TEST-EXEC: btest-diff ssh-filtered.log
+
+redef LogAscii::output_to_stdout = F;
+redef LogAscii::separator = "|";
+redef LogAscii::empty_field = "EMPTY";
+redef LogAscii::unset_field = "NOT-SET";
+redef LogAscii::meta_prefix = "PREFIX<>";
+
+module SSH;
+
+export {
+	redef enum Log::ID += { LOG };
+
+	type Log: record {
+		t: time;
+		id: conn_id; # Will be rolled out into individual columns.
+		status: string &optional;
+		country: string &default="unknown";
+		b: bool &optional;
+	} &log;
+}
+
+event zeek_init()
+{
+	Log::create_stream(SSH::LOG, [$columns=Log]);
+
+    local cid = [$orig_h=1.2.3.4, $orig_p=1234/tcp, $resp_h=2.3.4.5, $resp_p=80/tcp];
+
+	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="success"]);
+	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $country="US"]);
+	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $status="failure", $country="UK"]);
+	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $country="BR"]);
+	Log::write(SSH::LOG, [$t=network_time(), $id=cid, $b=T, $status="failure", $country=""]);
+
+}