Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing/btest/scripts/policy/frameworks/software/version-changes.zeek

39 lines
985 B
Text
Raw Blame History

# @TEST-EXEC: zeek -b %INPUT
# @TEST-EXEC: btest-diff software.log
# @TEST-EXEC: btest-diff notice.log
@load base/frameworks/software
@load policy/frameworks/software/version-changes
const fake_software_name = "my_fake_software";
redef Software::asset_tracking = ALL_HOSTS;
redef Software::interesting_version_changes += {fake_software_name};
global versions: vector of string = vector("1.0.0", "1.1.0", "1.2.0", "1.0.0");
global version_index = 0;
global c = 0;
event new_software()
{
local v = versions[version_index];
local cid = conn_id($orig_h = 127.0.0.1, $orig_p = 22/tcp,
$resp_h = 127.0.0.1, $resp_p = 22/tcp, $proto = 6);
local si = Software::Info($name=fake_software_name,
$unparsed_version=fmt("%s %s", fake_software_name, v),
$host=127.0.0.1);
Software::found(cid, si);
++version_index;
++c;
if ( version_index >= |versions| )
version_index = 0;
if ( c < 10 )
event new_software();
}
event zeek_init()
{
event new_software();
}
Reference in a new issue View git blame Copy permalink