mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 15:18:20 +00:00
15d74ac081
Mostly trying to standardize the way tests sleep for arbitrary amounts of time to make it easier to tell at which particular point the unit test actually may need the timeout interval increased (or else debugged further).
89 lines
2.5 KiB
Text
89 lines
2.5 KiB
Text
# @TEST-EXEC: cp input1.log input.log
|
|
# @TEST-EXEC: btest-bg-run bro bro -b %INPUT
|
|
# @TEST-EXEC: $SCRIPTS/wait-for-file bro/got1 5 || (btest-bg-wait -k 1 && false)
|
|
# @TEST-EXEC: cat input2.log >> input.log
|
|
# @TEST-EXEC: $SCRIPTS/wait-for-file bro/got2 5 || (btest-bg-wait -k 1 && false)
|
|
# @TEST-EXEC: cat input3.log >> input.log
|
|
# @TEST-EXEC: btest-bg-wait 10
|
|
# @TEST-EXEC: btest-diff out
|
|
|
|
@TEST-START-FILE input1.log
|
|
#separator \x09
|
|
#path ssh
|
|
#fields b i e c p sn a d t iv s sc ss se vc ve f
|
|
#types bool int enum count port subnet addr double time interval string table table table vector vector func
|
|
T -42 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz 2,4,1,3 CC,AA,BB EMPTY 10,20,30 EMPTY SSH::foo\x0a{ \x0aif (0 < SSH::i) \x0a\x09return (Foo);\x0aelse\x0a\x09return (Bar);\x0a\x0a}
|
|
@TEST-END-FILE
|
|
@TEST-START-FILE input2.log
|
|
T -43 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz 2,4,1,3 CC,AA,BB EMPTY 10,20,30 EMPTY SSH::foo\x0a{ \x0aif (0 < SSH::i) \x0a\x09return (Foo);\x0aelse\x0a\x09return (Bar);\x0a\x0a}
|
|
@TEST-END-FILE
|
|
@TEST-START-FILE input3.log
|
|
F -43 SSH::LOG 21 123 10.0.0.0/24 1.2.3.4 3.14 1315801931.273616 100.000000 hurz 2,4,1,3 CC,AA,BB EMPTY 10,20,30 EMPTY SSH::foo\x0a{ \x0aif (0 < SSH::i) \x0a\x09return (Foo);\x0aelse\x0a\x09return (Bar);\x0a\x0a}
|
|
@TEST-END-FILE
|
|
|
|
@load base/protocols/ssh
|
|
redef exit_only_after_terminate = T;
|
|
|
|
redef InputAscii::empty_field = "EMPTY";
|
|
|
|
module A;
|
|
|
|
type Idx: record {
|
|
i: int;
|
|
};
|
|
|
|
type Val: record {
|
|
b: bool;
|
|
e: Log::ID;
|
|
c: count;
|
|
p: port;
|
|
sn: subnet;
|
|
a: addr;
|
|
d: double;
|
|
t: time;
|
|
iv: interval;
|
|
s: string;
|
|
sc: set[count];
|
|
ss: set[string];
|
|
se: set[string];
|
|
vc: vector of int;
|
|
ve: vector of int;
|
|
};
|
|
|
|
global servers: table[int] of Val = table();
|
|
|
|
global outfile: file;
|
|
|
|
global try: count;
|
|
|
|
event line(description: Input::TableDescription, tpe: Input::Event, left: Idx, right: Val)
|
|
{
|
|
print outfile, "============EVENT============";
|
|
print outfile, tpe;
|
|
print outfile, left;
|
|
print outfile, right;
|
|
print outfile, "============SERVERS============";
|
|
print outfile, servers;
|
|
|
|
try = try + 1;
|
|
|
|
if ( try == 1 )
|
|
system("touch got1");
|
|
else if ( try == 2 )
|
|
system("touch got2");
|
|
else if ( try == 3 )
|
|
{
|
|
print outfile, "done";
|
|
close(outfile);
|
|
Input::remove("input");
|
|
terminate();
|
|
}
|
|
}
|
|
|
|
event bro_init()
|
|
{
|
|
outfile = open("../out");
|
|
try = 0;
|
|
# first read in the old stuff into the table...
|
|
Input::add_table([$source="../input.log", $mode=Input::STREAM, $name="ssh", $idx=Idx, $val=Val, $destination=servers, $ev=line]);
|
|
}
|