Test case for a dynamic log writer.

cmake

@@ -1 +1 @@
-Subproject commit fb67896d2c3fe61c6479e78c3e9b12de8637be87
+Subproject commit f2e8ba6b90b3a2da9f1f77c55d0e718c25376bbb

testing/btest/Baseline/plugins.writer/output

@@ -0,0 +1,22 @@
+Demo::Foo - A Foo test logging writer (dynamic, version 1.0)
+    [Writer] Foo (Log::WRITER_FOO)
+
+===
+[packet_filter] 1406831942.605829|bro|ip or not ip|T|T
+[conn] 1340213005.165293|CXWv6p3arKYeMETxOg|10.0.0.55|53994|60.190.189.214|8124|tcp|-|4.314406|0|0|S0|-|0|S|5|320|0|0|
+[tunnel] 1340213015.276495|-|10.0.0.55|0|60.190.189.214|8124|Tunnel::SOCKS|Tunnel::DISCOVER
+[socks] 1340213015.276495|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|5|-|succeeded|-|www.osnews.com|80|192.168.0.31|-|2688
+[http] 1340213019.013158|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|1|GET|www.osnews.com|/images/printer2.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[http] 1340213019.013426|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|2|GET|www.osnews.com|/img2/shorturl.jpg|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[http] 1340213019.580162|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|3|GET|www.osnews.com|/images/icons/9.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[http] 1340213020.155861|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|4|GET|www.osnews.com|/images/icons/26.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|1368|200|OK|-|-|-||-|-|-|-|-|FBtZ7y1ppK8iIeY622|image/gif
+[files] 1340213020.732581|FBtZ7y1ppK8iIeY622|60.190.189.214|10.0.0.55|CjhGID4nQcgTWjvg4c|HTTP|0||image/gif|-|0.000000|-|F|1368|1368|0|0|F|-|-|-|-|-
+[http] 1340213020.732963|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|5|GET|www.osnews.com|/images/icons/17.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[http] 1340213021.300269|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|6|GET|www.osnews.com|/images/left.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[conn] 1340213010.582723|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|tcp|http,socks|13.839419|3860|2934|SF|-|0|ShADadfF|23|5080|20|3986|
+[http] 1340213021.861584|CjhGID4nQcgTWjvg4c|10.0.0.55|53994|60.190.189.214|8124|7|GET|www.osnews.com|/images/icons/32.gif|http://www.osnews.com/|Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:10.0.2) Gecko/20100101 Firefox/10.0.2|0|0|304|Not Modified|-|-|-||-|-|-|-|-|-|-
+[conn] 1340213048.780152|CCvvfg3TEfuqmmG4bh|10.0.0.55|53994|60.190.189.214|8124|tcp|-|-|-|-|SH|-|0|F|1|52|0|0|
+[conn] 1340213097.272764|CsRx2w45OKnoww6xl4|10.0.0.55|53994|60.190.189.214|8124|tcp|-|-|-|-|SH|-|0|F|1|52|0|0|
+[conn] 1340213162.160367|CRJuHdVW0XPVINV8a|10.0.0.55|53994|60.190.189.214|8124|tcp|-|-|-|-|SH|-|0|F|1|52|0|0|
+[conn] 1340213226.561757|CPbrpk1qSsw6ESzHV4|10.0.0.55|53994|60.190.189.214|8124|tcp|-|-|-|-|SH|-|0|F|1|52|0|0|
+[conn] 1340213290.981995|C6pKV8GSxOnSLghOa|10.0.0.55|53994|60.190.189.214|8124|tcp|-|-|-|-|SH|-|0|F|1|52|0|0|

testing/btest/plugins/writer-plugin/CMakeLists.txt

@@ -0,0 +1,17 @@
+
+project(Bro-Plugin-Demo-Foo)
+
+cmake_minimum_required(VERSION 2.6.3)
+
+if ( NOT BRO_DIST )
+    message(FATAL_ERROR "BRO_DIST not set")
+endif ()
+
+set(CMAKE_MODULE_PATH ${BRO_DIST}/cmake)
+
+include(BroPlugin)
+
+bro_plugin_begin(Demo Foo)
+bro_plugin_cc(src/Plugin.cc)
+bro_plugin_cc(src/Foo.cc)
+bro_plugin_end()

testing/btest/plugins/writer-plugin/src/Foo.cc

@@ -0,0 +1,31 @@
+
+#include "Foo.h"
+
+using namespace logging;
+using namespace writer;
+
+bool Foo::DoInit(const WriterInfo& info, int num_fields,
+	    const threading::Field* const * fields)
+	{
+	desc.EnableEscaping();
+	desc.AddEscapeSequence("|");
+    threading::formatter::Ascii::SeparatorInfo sep_info("|", ",", "-", "");
+    formatter = new threading::formatter::Ascii(this, sep_info);
+    path = info.path;
+
+	return true;
+	}
+
+bool Foo::DoWrite(int num_fields, const threading::Field* const* fields,
+                   threading::Value** vals)
+	{
+	desc.Clear();
+
+	if ( ! formatter->Describe(&desc, num_fields, fields, vals) )
+		return false;
+
+    printf("[%s] %s\n", path.c_str(), desc.Description());
+
+    return true;
+	}
+

testing/btest/plugins/writer-plugin/src/Foo.h

@@ -0,0 +1,39 @@
+
+#ifndef BRO_PLUGIN_DEMO_FOO_H
+#define BRO_PLUGIN_DEMO_FOO_H
+
+#include "logging/WriterBackend.h"
+#include "threading/formatters/Ascii.h"
+
+namespace logging { namespace writer {
+
+class Foo : public WriterBackend {
+public:
+	Foo(WriterFrontend* frontend) : WriterBackend(frontend)	{}
+	~Foo()	{};
+
+	static WriterBackend* Instantiate(WriterFrontend* frontend)
+		{ return new Foo(frontend); }
+
+protected:
+	virtual bool DoInit(const WriterInfo& info, int num_fields,
+			    const threading::Field* const * fields);
+
+	virtual bool DoWrite(int num_fields, const threading::Field* const* fields,
+			     threading::Value** vals);
+	virtual bool DoSetBuf(bool enabled)	{ return true; }
+	virtual bool DoRotate(const char* rotated_path, double open,
+			      double close, bool terminating) { return true; }
+	virtual bool DoFlush(double network_time)	{ return true; }
+	virtual bool DoFinish(double network_time)	{ return true; }
+	virtual bool DoHeartbeat(double network_time, double current_time)	{ return true; }
+
+private:
+    string path;
+	ODesc desc;
+	threading::formatter::Formatter* formatter;
+};
+
+} }
+
+#endif

testing/btest/plugins/writer-plugin/src/Plugin.cc

@@ -0,0 +1,19 @@
+#include "Plugin.h"
+
+#include "Foo.h"
+
+namespace plugin { namespace Demo_Foo { Plugin plugin; } }
+
+using namespace plugin::Demo_Foo;
+
+plugin::Configuration Plugin::Configure()
+	{
+	AddComponent(new ::logging::Component("Foo", ::logging::writer::Foo::Instantiate));
+
+	plugin::Configuration config;
+	config.name = "Demo::Foo";
+	config.description = "A Foo test logging writer";
+	config.version.major = 1;
+	config.version.minor = 0;
+	return config;
+	}

testing/btest/plugins/writer-plugin/src/Plugin.h

@@ -0,0 +1,22 @@
+
+#ifndef BRO_PLUGIN_DEMO_FOO
+#define BRO_PLUGIN_DEMO_FOO
+
+#include <plugin/Plugin.h>
+
+namespace plugin {
+namespace Demo_Foo {
+
+class Plugin : public ::plugin::Plugin
+{
+protected:
+	// Overridden from plugin::Plugin.
+	virtual plugin::Configuration Configure();
+};
+
+extern Plugin plugin;
+
+}
+}
+
+#endif

testing/btest/plugins/writer.bro

@@ -0,0 +1,8 @@
+# @TEST-EXEC: ${DIST}/aux/bro-aux/plugin-support/init-plugin Demo Foo
+# @TEST-EXEC: cp -r %DIR/writer-plugin/* .
+# @TEST-EXEC: make BRO=${DIST}
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -NN Demo::Foo >>output
+# @TEST-EXEC: echo === >>output
+# @TEST-EXEC: BRO_PLUGIN_PATH=`pwd` bro -r $TRACES/socks.trace Log::default_writer=Log::WRITER_FOO %INPUT >>output
+# @TEST-EXEC: TEST_DIFF_CANONIFIER= btest-diff output
+