dns txt test

author Jason Ish <ish@unx.ca>

Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)

committer Jason Ish <ish@unx.ca>

Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)
author Jason Ish <ish@unx.ca>
Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)
committer Jason Ish <ish@unx.ca>
Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)
diff --git a/dns-udp-eve-log-txt/README.md b/dns-udp-eve-log-txt/README.md

new file mode 100644 (file)

index 0000000..5a1c088
--- /dev/null
+++ b/dns-udp-eve-log-txt/README.md
@@ -0,0 +1,2 @@
+Test that a TXT record is extracted and logged correctly to Eve.
+
diff --git a/dns-udp-eve-log-txt/check.sh b/dns-udp-eve-log-txt/check.sh

new file mode 100755 (executable)

index 0000000..d8a9ef6
--- /dev/null
+++ b/dns-udp-eve-log-txt/check.sh
@@ -0,0 +1,9 @@
+#! /bin/sh
+
+set -e
+
+txt=$(cat output/eve.json | \
+         jq -c 'select(.dns.type == "answer") | select(.dns.rrtype == "TXT") | .dns.rdata')
+test "${txt}" = '"v=spf1 include:_spf.google.com ~all"'
+
+
diff --git a/dns-udp-eve-log-txt/dns-txt-google.com.pcap b/dns-udp-eve-log-txt/dns-txt-google.com.pcap

new file mode 100644 (file)

index 0000000..edb238e

Binary files /dev/null and b/dns-udp-eve-log-txt/dns-txt-google.com.pcap differ
author	Jason Ish <ish@unx.ca>
	Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)
committer	Jason Ish <ish@unx.ca>
	Thu, 8 Jun 2017 19:01:09 +0000 (13:01 -0600)
dns-udp-eve-log-txt/README.md	[new file with mode: 0644]	patch \| blob
dns-udp-eve-log-txt/check.sh	[new file with mode: 0755]	patch \| blob
dns-udp-eve-log-txt/dns-txt-google.com.pcap	[new file with mode: 0644]	patch \| blob