run.py: allow matches on substrings in yaml

author Shivani Bhardwaj <shivanib134@gmail.com>

Wed, 14 Jun 2023 12:27:08 +0000 (17:57 +0530)

committer Jason Ish <jason.ish@oisf.net>

Tue, 20 Jun 2023 16:30:42 +0000 (10:30 -0600)
author Shivani Bhardwaj <shivanib134@gmail.com>
Wed, 14 Jun 2023 12:27:08 +0000 (17:57 +0530)
committer Jason Ish <jason.ish@oisf.net>
Tue, 20 Jun 2023 16:30:42 +0000 (10:30 -0600)
diff --git a/run.py b/run.py

index 8e2f1acee041a5b2c45198d81456d6ae0c541cf4..6c69623bca72e9cdae0a2958f22275ac5a0256b2 100755 (executable)
--- a/run.py
+++ b/run.py
@@ -390,7 +390,10 @@ def find_value(name, obj):
                  return len(obj)
              except:
                  return -1
-
+        if part == "__find":
+            # Return full obj on __find and do a substring find in caller
+            # where the expected is also available
+            break
          name = None
          index = None
          m = re.match("^(.*)\[(\d+)\]$", part)
@@ -560,6 +563,9 @@ class FilterCheck:
              else:
                  val = find_value(key, event)
                  if val != expected:
+                    if key.endswith("__find"):
+                        if val.find(expected) != -1:
+                            return True
                      if str(val) == str(expected):
                          print("Different types but same string", type(val), val, type(expected), expected)
                          return False
author	Shivani Bhardwaj <shivanib134@gmail.com>
	Wed, 14 Jun 2023 12:27:08 +0000 (17:57 +0530)
committer	Jason Ish <jason.ish@oisf.net>
	Tue, 20 Jun 2023 16:30:42 +0000 (10:30 -0600)