mirror of
https://github.com/zeek/zeek.git
synced 2025-10-07 17:18:20 +00:00
Merge remote-tracking branch 'origin/master' into topic/seth/metrics-merge
This commit is contained in:
Seth Hall
commit
f8be65ca56
111 changed files with 1596 additions and 810 deletions
|
|
@ -1,7 +1,9 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
@TEST-START-FILE input.log
|
||||
#separator \x09
|
||||
#path ssh
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
@TEST-START-FILE input.log
|
||||
#separator \x09
|
||||
#fields i c
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
redef InputAscii::separator = "|";
|
||||
redef InputAscii::set_separator = ",";
|
||||
redef InputAscii::empty_field = "(empty)";
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 2
|
||||
# @TEST-EXEC: cp input2.log input.log
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
|
|
@ -20,6 +20,10 @@
|
|||
2 TEST TEST
|
||||
@TEST-END-FILE
|
||||
|
||||
@load base/frameworks/communication # let network-time run
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
module A;
|
||||
|
||||
type Idx: record {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -11,6 +11,8 @@ T 1
|
|||
- 2
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -16,6 +16,8 @@
|
|||
7 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: cat out.tmp | sed 's/^ *//g' >out
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
|
@ -14,6 +14,8 @@ sdf
|
|||
3rw43wRRERLlL#RWERERERE.
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
type Val: record {
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
# @TEST-EXEC: sed 1d .stderr > .stderrwithoutfirstline
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-timestamps" btest-diff .stderrwithoutfirstline
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderrwithoutfirstline
|
||||
|
||||
@TEST-START-FILE input.log
|
||||
#separator \x09
|
||||
|
|
@ -14,6 +14,8 @@ Justtext 1
|
|||
9223372036854775800 -18446744073709551612
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,8 +1,8 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
# @TEST-EXEC: sed 1d .stderr > .stderrwithoutfirstline
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER="$SCRIPTS/diff-remove-abspath | $SCRIPTS/diff-remove-timestamps" btest-diff .stderrwithoutfirstline
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-remove-abspath btest-diff .stderrwithoutfirstline
|
||||
|
||||
@TEST-START-FILE input.log
|
||||
#separator \x09
|
||||
|
|
@ -12,6 +12,8 @@
|
|||
5
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,7 +1,9 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff bro/.stderr
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -10,6 +10,8 @@
|
|||
T -42
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -10,6 +10,8 @@
|
|||
T -42
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -16,6 +16,8 @@
|
|||
7 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -9,6 +9,8 @@
|
|||
1.2.3.6 30 unknown
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
#
|
||||
|
|
@ -20,6 +20,8 @@
|
|||
7 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -16,6 +16,8 @@
|
|||
7 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -11,6 +11,8 @@
|
|||
2 T test2 idx2
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 2
|
||||
# @TEST-EXEC: cp input2.log input.log
|
||||
# @TEST-EXEC: sleep 2
|
||||
|
|
@ -55,6 +55,10 @@
|
|||
1 T test1 idx1
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
@load base/frameworks/communication # let network-time run
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -14,6 +14,8 @@ need-to-know 8c864306-d21a-37b1-8705-746a786719bf medium 95 1342569600 1.228.83.
|
|||
need-to-know 8c864306-d21a-37b1-8705-746a786719bf medium 65 1342656000 1.228.83.33 - - 9318 HANARO-AS Hanaro Telecom Inc. 1.224.0.0/13 apnic KR spam infrastructure spamming;malware domain public http://reputation.alienvault.com/reputation.generic
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -13,6 +13,8 @@ sdf
|
|||
3rw43wRRERLlL#RWERERERE.
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
|
||||
|
||||
|
|
@ -10,6 +10,8 @@
|
|||
1 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 2
|
||||
# @TEST-EXEC: cp input2.log input.log
|
||||
# @TEST-EXEC: sleep 2
|
||||
|
|
@ -56,7 +56,9 @@ F -48 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
@load base/frameworks/communication # let network-time run
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -13,6 +13,8 @@ sdf
|
|||
3rw43wRRERLlL#RWERERERE.
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
|
||||
|
||||
|
|
@ -13,6 +13,8 @@
|
|||
192.168.17.42
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
|
||||
|
||||
|
|
@ -10,6 +10,8 @@
|
|||
|
||||
redef InputAscii::set_separator = "|";
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: TEST_DIFF_CANONIFIER=$SCRIPTS/diff-sort btest-diff out
|
||||
|
||||
|
|
@ -13,6 +13,9 @@
|
|||
6
|
||||
@TEST-END-FILE
|
||||
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
module A;
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 3
|
||||
# @TEST-EXEC: cat input2.log >> input.log
|
||||
# @TEST-EXEC: sleep 3
|
||||
|
|
@ -22,6 +22,7 @@ F -43 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 3
|
||||
# @TEST-EXEC: cat input2.log >> input.log
|
||||
# @TEST-EXEC: sleep 3
|
||||
|
|
@ -7,6 +7,8 @@
|
|||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
@TEST-START-FILE input1.log
|
||||
sdfkh:KH;fdkncv;ISEUp34:Fkdj;YVpIODhfDF
|
||||
@TEST-END-FILE
|
||||
|
|
@ -24,6 +26,8 @@ sdf
|
|||
3rw43wRRERLlL#RWERERERE.
|
||||
@TEST-END-FILE
|
||||
|
||||
@load base/frameworks/communication # let network-time run
|
||||
|
||||
module A;
|
||||
|
||||
type Val: record {
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -11,6 +11,7 @@ T -42 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -11,6 +11,7 @@ T -42 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -16,6 +16,8 @@
|
|||
7 T
|
||||
@TEST-END-FILE
|
||||
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
global try: count;
|
||||
|
||||
|
|
|
|||
|
|
@ -1,5 +1,5 @@
|
|||
# @TEST-EXEC: cp input1.log input.log
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: sleep 5
|
||||
# @TEST-EXEC: cp input3.log input.log
|
||||
# @TEST-EXEC: btest-bg-wait -k 10
|
||||
|
|
@ -31,6 +31,7 @@ F -44 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
redef InputAscii::empty_field = "EMPTY";
|
||||
|
||||
|
|
|
|||
|
|
@ -1,4 +1,4 @@
|
|||
# @TEST-EXEC: btest-bg-run bro bro -b --pseudo-realtime -r $TRACES/socks.trace %INPUT
|
||||
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
||||
# @TEST-EXEC: btest-bg-wait -k 5
|
||||
# @TEST-EXEC: btest-diff out
|
||||
|
||||
|
|
@ -11,6 +11,7 @@ whatever T -42 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.00
|
|||
@TEST-END-FILE
|
||||
|
||||
@load base/protocols/ssh
|
||||
redef exit_only_after_terminate = T;
|
||||
|
||||
global outfile: file;
|
||||
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue