requires:
min-version: 5.0.0
+ lt-version: 7
features:
- HAVE_LIBJANSSON
-alert udp any any -> any any (msg:"TEST SUCCESFULL - dsize/offset INVALID combination "; dsize:50; content:"AA"; offset:100; sid:6666661; rev:1;)
+alert udp any any -> any any (msg:"TEST SUCCESFUL - dsize/offset INVALID combination "; dsize:50; content:"AA"; offset:100; sid:6666661; rev:1;)
requires:
min-version: 5.0.0
+ lt-version: 7
features:
- HAVE_LIBJANSSON
${SRCDIR}/src/suricata --set classification-file="${SRCDIR}/classification.config" --set reference-config-file="${SRCDIR}/reference.config" -l ${OUTPUT_DIR} -c ${TEST_DIR}/suricata.yaml -r ${TEST_DIR}/ -S ${TEST_DIR}/test.rules
checks:
- # check that we have the following entres in eve.json
+ # check that we have the following entries in eve.json
# match 1 specific rule load failure reason
- filter:
count: 1
event_type: engine
engine.message: "signature can't match as content length 2 with offset 100 (=102) is bigger than dsize 50."
+
- filter:
count: 1
match:
-alert udp any any -> any any (msg:"TEST SUCCESFULL - dsize/offset INVALID combination "; dsize:5<>10; content:"AAAA"; offset:8; sid:6666665; rev:1;)
+alert udp any any -> any any (msg:"TEST SUCCESFUL - dsize/offset INVALID combination "; dsize:5<>10; content:"AAAA"; offset:8; sid:6666665; rev:1;)
requires:
min-version: 5.0.0
+ lt-version: 7
features:
- HAVE_LIBJANSSON
${SRCDIR}/src/suricata --set classification-file="${SRCDIR}/classification.config" --set reference-config-file="${SRCDIR}/reference.config" -l ${OUTPUT_DIR} -c ${TEST_DIR}/suricata.yaml -r ${TEST_DIR}/ -S ${TEST_DIR}/test.rules
checks:
- # check that we have the following entres in eve.json
+ # check that we have the following entries in eve.json
# match 1 specific rule load failure reason
- filter:
count: 1
requires:
min-version: 5.0.0
+ lt-version: 7
features:
- HAVE_LIBJANSSON