mirror of
https://github.com/zeek/zeek.git
synced 2025-10-02 06:38:20 +00:00
0c875220e9
In the past, we used a default canonifier, which removes everything that looks like a timestamp from log files. The goal of this is to prevent logs from changing, e.g., due to local system times ending up in log files. This, however, also has the side-effect of removing information that is parsed from protocols which probably should be part of our tests. There is at least one test (1999 certificates) where the entire test output was essentially removed by the canonifier. GH-4521 was similarly masked by this. This commit changes the default canonifier, so that only the first timestamp in a line is removed. This should skip timestamps that are likely to change while keeping timestamps that are parsed from protocol information. A pass has been made over the tests, with some additional adjustments for cases which require the old canonifier. There are some cases in which we probably could go further and not remove timestamps at all - that, however, seems like a follow-up project. |
||
|---|---|---|
| .. | ||
| benchmark/broker | ||
| btest | ||
| builtin-plugins | ||
| coverage | ||
| external | ||
| scripts | ||
| .gitignore | ||
| CMakeLists.txt | ||
| Makefile | ||
| README | ||
This directory contains suites for testing for Zeek's correct
operation:
btest/
An ever-growing set of small unit tests testing Zeek's
functionality.
external/
A framework for downloading additional test sets that run more
complex Zeek configuration on larger traces files. Due to their
size, these are not included directly. See the README for more
information.
scripts/
Helpers scripts used by some tests.