]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: eb357ad)
tests: http.start add transform test
authorVictor Julien <victor@inliniac.net>
Mon, 18 Jan 2021 07:21:47 +0000 (08:21 +0100)
committerVictor Julien <victor@inliniac.net>
Mon, 18 Jan 2021 07:21:47 +0000 (08:21 +0100)
tests/http-sticky-start/test.rules patch | blob | blame | history
tests/http-sticky-start/test.yaml patch | blob | blame | history

diff --git a/tests/http-sticky-start/test.rules b/tests/http-sticky-start/test.rules
index accf51b7fe99de843ecab6ffb47d5dcdcd86e660..0236b8cf1a8f99b271355545ac5e28a29e9a487c 100644 (file)
--- a/tests/http-sticky-start/test.rules
+++ b/tests/http-sticky-start/test.rules
@@ -1 +1,2 @@
 alert http any any -> any any (flow:to_server; http.start; content:"GET"; depth:3; content:"Host:"; distance:0; sid:1;)
+alert http any any -> any any (flow:to_server; http.start; strip_whitespace; content:"GET"; depth:3; content:"Host:"; distance:0; sid:2;)
diff --git a/tests/http-sticky-start/test.yaml b/tests/http-sticky-start/test.yaml
index bc454bbcc3f75ca148eff653f4131d3466f634fc..55d83ede44f169d4a11280f412b7366d730ee4db 100644 (file)
--- a/tests/http-sticky-start/test.yaml
+++ b/tests/http-sticky-start/test.yaml
@@ -9,3 +9,8 @@ checks:
       match:
         event_type: alert
         alert.signature_id: 1
+  - filter:
+      count: 3
+      match:
+        event_type: alert
+        alert.signature_id: 2
Mirror of https://github.com/OISF/suricata-verify.git