]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3771766)
dns-udp-eve-log-aaaa-only: v2 and v3 tests
authorJason Ish <jason.ish@oisf.net>
Thu, 4 Jul 2024 21:39:05 +0000 (15:39 -0600)
committerVictor Julien <victor@inliniac.net>
Tue, 9 Jul 2024 10:15:24 +0000 (12:15 +0200)
tests/dns/dns-udp-eve-log-aaaa-only/README.md [moved from tests/dns-udp-eve-log-aaaa-only/README.md with 100% similarity] patch | blob | blame | history
tests/dns/dns-udp-eve-log-aaaa-only/suricata.yaml [moved from tests/dns-udp-eve-log-aaaa-only/suricata.yaml with 100% similarity] patch | blob | blame | history
tests/dns/dns-udp-eve-log-aaaa-only/test.yaml [new file with mode: 0644] patch | blob
tests/dns/v2/dns-udp-eve-log-aaaa-only/README.md [new file with mode: 0644] patch | blob
tests/dns/v2/dns-udp-eve-log-aaaa-only/suricata.yaml [new file with mode: 0644] patch | blob
tests/dns/v2/dns-udp-eve-log-aaaa-only/test.yaml [moved from tests/dns-udp-eve-log-aaaa-only/test.yaml with 68% similarity] patch | blob | blame | history

diff --git a/tests/dns/dns-udp-eve-log-aaaa-only/test.yaml b/tests/dns/dns-udp-eve-log-aaaa-only/test.yaml
new file mode 100644 (file)
index 0000000..4acf178
--- /dev/null
+++ b/tests/dns/dns-udp-eve-log-aaaa-only/test.yaml
@@ -0,0 +1,21 @@
+pcap: ../../dns-udp-eve-log-query-only-v1/dns-udp-google.com-a-aaaa-mx.pcap
+
+requires:
+  min-version: 8
+
+checks:
+  - filter:
+      count: 1
+      match:
+        dns.type: request
+        dns.queries[0].rrtype: AAAA
+  - filter:
+      count: 1
+      match:
+        dns.type: response
+        dns.answers[0].rrtype: AAAA
+        dns.answers.__len: 1
+  - filter:
+      count: 0
+      match:
+        dns.rrtype: A
diff --git a/tests/dns/v2/dns-udp-eve-log-aaaa-only/README.md b/tests/dns/v2/dns-udp-eve-log-aaaa-only/README.md
new file mode 100644 (file)
index 0000000..88649bf
--- /dev/null
+++ b/tests/dns/v2/dns-udp-eve-log-aaaa-only/README.md
@@ -0,0 +1,2 @@
+Test custom eve DNS logging by configuring it to log only AAAA
+records, and verifying that only AAAA records are logged.
diff --git a/tests/dns/v2/dns-udp-eve-log-aaaa-only/suricata.yaml b/tests/dns/v2/dns-udp-eve-log-aaaa-only/suricata.yaml
new file mode 100644 (file)
index 0000000..7dfe440
--- /dev/null
+++ b/tests/dns/v2/dns-udp-eve-log-aaaa-only/suricata.yaml
@@ -0,0 +1,12 @@
+%YAML 1.1
+---
+
+outputs:
+  - eve-log:
+      enabled: yes
+      filetype: regular
+      filename: eve.json
+      types:
+        - dns:
+            version: 2
+            types: [aaaa]
diff --git a/tests/dns-udp-eve-log-aaaa-only/test.yaml b/tests/dns/v2/dns-udp-eve-log-aaaa-only/test.yaml
similarity index 68%
rename from tests/dns-udp-eve-log-aaaa-only/test.yaml
rename to tests/dns/v2/dns-udp-eve-log-aaaa-only/test.yaml
index c20ca32736aeed09920d0c4d40ae8c2215527fa4..4b4c8c7844eea536125c3f95e272faa7ecbebdf7 100644 (file)
--- a/tests/dns-udp-eve-log-aaaa-only/test.yaml
+++ b/tests/dns/v2/dns-udp-eve-log-aaaa-only/test.yaml
@@ -1,8 +1,4 @@
-pcap: ../dns-udp-eve-log-query-only-v1/dns-udp-google.com-a-aaaa-mx.pcap
-
-requires:
-  features:
-    - HAVE_LIBJANSSON
+pcap: ../../../dns-udp-eve-log-query-only-v1/dns-udp-google.com-a-aaaa-mx.pcap
 
 checks:
   - filter:
Mirror of https://github.com/OISF/suricata-verify.git