zeek/testing at 6d19c49efe57f3e72d7716bc28d35fd5490cc548 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00

History

Arne Welzel 6d19c49efe intel/seen/file-names: Use file_over_new_connection() The seen/file-names script relies on f$info$filename to be populated. For HTTP and other network protocols, however, this field is only populated during file_over_new_connection() that's running after file_new(). Use the file_new() event only for files without connections and file_over_new_connection() implies that f$conns is populated, anyway. Special case SMB to avoid finding files twice, because there's a custom implementation in seen/smb-filenames.zeek. Fixes #2647		2023-01-10 10:10:28 +01:00
..
benchmark/broker	Port Zeek to latest Broker API	2022-04-27 23:02:27 +02:00
btest	intel/seen/file-names: Use file_over_new_connection()	2023-01-10 10:10:28 +01:00
coverage	Spelling testing	2022-11-16 20:05:03 -05:00
external	Bump cluster testsuite to pull in get-id-value robustness fixes	2022-12-12 19:51:26 -08:00
scripts	spelling: repetitions	2022-11-18 10:26:33 -05:00
.gitignore
CMakeLists.txt	Install Zeek's btest tooling with the distribution	2021-03-11 13:00:15 -08:00
Makefile
README	More bro-to-zeek renaming in the unit tests	2019-05-16 02:27:54 -05:00

README

This directory contains suites for testing for Zeek's correct
operation:

    btest/
        An ever-growing set of small unit tests testing Zeek's
        functionality.

    external/
        A framework for downloading additional test sets that run more
        complex Zeek configuration on larger traces files. Due to their
        size, these are not included directly. See the README for more
        information. 

    scripts/
        Helpers scripts used by some tests.