- Use `-b` most everywhere, it will save time. - Start some intel tests upon the input file being fully read instead of at an arbitrary time. - Improve termination condition for some sumstats/cluster tests. - Filter uninteresting output from some supervisor tests. - Test for `notice_policy.log` is no longer needed.
# @TEST-EXEC: zeek -b %INPUT >output
# @TEST-EXEC: btest-diff output

# Regression test for the helpers loaded from base/utils/thresholds.
# The script runs in bare mode (-b) and its stdout is compared with a stored
# baseline, so every print below, and the order of the statements around it,
# is part of the expected result.
@load base/utils/thresholds

# Pin the module-level threshold list to the same values as my_thresholds so
# both passes below are driven by identical numbers.
redef default_notice_thresholds = { 2, 4, 6, 8, 10 };
const my_thresholds: vector of count = { 2, 4, 6, 8, 10 };

# Eleven entries whose values equal their positions; iterating a vector
# yields the index, so the printed iteration number runs from 0 to 10.
const loop_v: vector of count = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };

# Tracker shared by both passes; the script reads and writes its n and index
# fields.
global track_count: TrackCount;

# Pass 1: check against an explicitly supplied threshold vector.
# NOTE(review): check_threshold presumably reports T when n reaches the next
# threshold and advances index -- confirm against base/utils/thresholds.
for ( idx in loop_v )
	{
	print fmt("Iteration: %s, threshold check: %s", idx, check_threshold(my_thresholds, track_count));
	# Printed after the check so any tracker change made by it is visible.
	print track_count;
	++track_count$n;
	}

# Rewind the tracker so the second pass starts from the same state.
track_count$n = 0;
track_count$index = 0;

print "====================================";

# Pass 2: same sequence through the variant that takes no threshold vector.
# NOTE(review): default_check_threshold presumably consults
# default_notice_thresholds (redef'd above) -- confirm in the module.
for ( idx in loop_v )
	{
	print fmt("Iteration: %s, threshold check: %s", idx, default_check_threshold(track_count));
	print track_count;
	++track_count$n;
	}