mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 17:48:21 +00:00
1f64bb2870
This adds a flag to enable using the storage framework instead of Broker stores, plus a btest for both broker and the the storage framework.
58 lines
2.4 KiB
Text
58 lines
2.4 KiB
Text
# @TEST-DOC: A basic test of the known-services script's logging and asset_tracking options
|
|
|
|
# Don't run for C++ scripts because there's no script to compile.
|
|
# @TEST-REQUIRES: test "${ZEEK_USE_CPP}" != "1"
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT Known::service_tracking=LOCAL_HOSTS
|
|
# @TEST-EXEC: mv known_services.log knownservices-local.log
|
|
# @TEST-EXEC: btest-diff knownservices-local.log
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT Known::service_tracking=REMOTE_HOSTS
|
|
# @TEST-EXEC: mv known_services.log knownservices-remote.log
|
|
# @TEST-EXEC: btest-diff knownservices-remote.log
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT Known::service_tracking=ALL_HOSTS
|
|
# @TEST-EXEC: mv known_services.log knownservices-all.log
|
|
# @TEST-EXEC: btest-diff knownservices-all.log
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT Known::service_tracking=NO_HOSTS
|
|
# @TEST-EXEC: test '!' -e known_services.log
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT broker-store-config.zeek
|
|
# @TEST-EXEC: mv known_services.log knownservices-broker-store.log
|
|
# @TEST-EXEC: btest-diff knownservices-broker-store.log
|
|
|
|
# @TEST-EXEC: zeek -r $TRACES/var-services-std-ports.trace %INPUT storage-framework-config.zeek
|
|
# @TEST-EXEC: mv known_services.log knownservices-storage-framework.log
|
|
# @TEST-EXEC: btest-diff knownservices-storage-framework.log
|
|
|
|
# @TEST-EXEC: cat knownservices-broker-store.log | $SCRIPTS/diff-remove-timestamps > broker-store.log
|
|
# @TEST-EXEC: cat knownservices-storage-framework.log | $SCRIPTS/diff-remove-timestamps > storage-framework.log
|
|
# @TEST-EXEC: diff broker-store.log storage-framework.log > logs-diff.txt
|
|
# @TEST-EXEC: btest-diff logs-diff.txt
|
|
|
|
@load protocols/conn/known-services
|
|
|
|
redef Site::local_nets += {172.16.238.0/24};
|
|
|
|
# @TEST-START-FILE broker-store-config.zeek
|
|
|
|
redef Known::service_tracking=ALL_HOSTS;
|
|
redef Known::use_service_store=T;
|
|
redef Known::use_storage_framework=F;
|
|
|
|
# @TEST-END-FILE
|
|
|
|
# @TEST-START-FILE storage-framework-config.zeek
|
|
|
|
@load policy/frameworks/storage/backend/sqlite
|
|
|
|
redef Known::service_tracking=ALL_HOSTS;
|
|
redef Known::use_service_store=T;
|
|
redef Known::use_storage_framework=T;
|
|
|
|
redef Known::service_store_backend_type = Storage::STORAGE_BACKEND_SQLITE;
|
|
redef Known::service_store_backend_options = [ $sqlite = [
|
|
$database_path="test.sqlite", $table_name=Known::service_store_prefix ]];
|
|
|
|
# @TEST-END-FILE
|