Adapt zeek-aux btests to zeek structure

This updates Baselines, changes paths to scripts and log files, adds TEST-DOC annotations, and various other cleanups that make the zeek-aux tests more like the rest of the zeek tests.
2025-10-02 06:38:20 +00:00 · 2025-08-11 10:17:05 -07:00 · 2025-08-11 10:17:05 -07:00 · d7ba381d12
commit d7ba381d12
parent 7887451a66
61 changed files with 311 additions and 326 deletions
--- a/testing/btest/zeek-aux/zeek-cut/time-header.test
+++ b/testing/btest/zeek-aux/zeek-cut/time-header.test
@ -1,30 +1,30 @@
-# Test zeek-cut with both time conversion and show header options.
+# @TEST-DOC: Test zeek-cut with both time conversion and show header options.
 #

 # Time format string does not affect the header timestamps.
-# @TEST-EXEC: cat $LOGS/test.log | zeek-cut -C -U "%H %M %y %m %d" > utc-fmt
-# @TEST-EXEC: btest-diff utc-fmt
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/test.log | zeek-cut -C -U "%H %M %y %m %d" > utc-fmt
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff utc-fmt

 # Log file uses non-default field separator.
-# @TEST-EXEC: cat $LOGS/conncomma.log | zeek-cut -C -d proto ts id.orig_h > nondefault-separator
-# @TEST-EXEC: btest-diff nondefault-separator
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/conncomma.log | zeek-cut -C -d proto ts id.orig_h > nondefault-separator
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff nondefault-separator

 # Field separator changes between two log files.
-# @TEST-EXEC: cat $LOGS/conn.log $LOGS/conncomma.log | zeek-cut -C -d proto ts id.orig_h > different-field-separator
-# @TEST-EXEC: btest-diff different-field-separator
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/conn.log ${ZEEK_AUX_LOGS}/conncomma.log | zeek-cut -C -d proto ts id.orig_h > different-field-separator
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff different-field-separator

 # Column order changes between two log files.
-# @TEST-EXEC: cat $LOGS/conn.log $LOGS/conntimelast.log | zeek-cut -C -d proto ts id.orig_h > different-col-order
-# @TEST-EXEC: btest-diff different-col-order
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/conn.log ${ZEEK_AUX_LOGS}/conntimelast.log | zeek-cut -C -d proto ts id.orig_h > different-col-order
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff different-col-order

 # One file has timestamps and one file does not.
-# @TEST-EXEC: cat $LOGS/conn.log $LOGS/onecolumn.log | zeek-cut -C -d ts id.orig_h > missing-ts-one-file
-# @TEST-EXEC: btest-diff missing-ts-one-file
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/conn.log ${ZEEK_AUX_LOGS}/onecolumn.log | zeek-cut -C -d ts id.orig_h > missing-ts-one-file
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff missing-ts-one-file

 # Specify ts twice.
-# @TEST-EXEC: cat $LOGS/conn.log | zeek-cut -C -d ts id.orig_h ts > ts-twice
-# @TEST-EXEC: btest-diff ts-twice
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/conn.log | zeek-cut -C -d ts id.orig_h ts > ts-twice
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff ts-twice

 # File has more than one time column.
-# @TEST-EXEC: cat $LOGS/multiple-times.log | zeek-cut -C -d proto ts2 ts1 > multiple-times
-# @TEST-EXEC: btest-diff multiple-times
+# @TEST-EXEC: cat ${ZEEK_AUX_LOGS}/multiple-times.log | zeek-cut -C -d proto ts2 ts1 > multiple-times
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff multiple-times