stats: add checks for drop reason counters

Leaving checks for stream reassembly aside as those were already added
by another commit.

Related to Task #6230
Task #6571

diff --git a/tests/exception-policy-applayer-01/suricata.yaml b/tests/exception-policy-applayer-01/suricata.yaml
index dfccb8afa643b645d9977f7c442e1fc612fbbf3b..aa46e9763db8e3a36d9fafbc42727277508111a3 100644 (file)
--- a/tests/exception-policy-applayer-01/suricata.yaml
+++ b/tests/exception-policy-applayer-01/suricata.yaml
@@ -20,6 +20,8 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats
+
 action-order:
   - pass
   - drop

diff --git a/tests/exception-policy-applayer-01/test.yaml b/tests/exception-policy-applayer-01/test.yaml
index 1a210454e2b18aff09af7953d8803e0b7af823ed..d4d09ebaf442644621f08a0101f600df1886d9ec 100644 (file)
--- a/tests/exception-policy-applayer-01/test.yaml
+++ b/tests/exception-policy-applayer-01/test.yaml
@@ -48,3 +48,9 @@ checks:
       match:
         event_type: flow
         flow.action: drop
+  - filter:
+      min-version: 7
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.applayer_error: 1

diff --git a/tests/exception-policy-defrag-01/suricata.yaml b/tests/exception-policy-defrag-01/suricata.yaml
index dfccb8afa643b645d9977f7c442e1fc612fbbf3b..aa46e9763db8e3a36d9fafbc42727277508111a3 100644 (file)
--- a/tests/exception-policy-defrag-01/suricata.yaml
+++ b/tests/exception-policy-defrag-01/suricata.yaml
@@ -20,6 +20,8 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats
+
 action-order:
   - pass
   - drop

diff --git a/tests/exception-policy-defrag-01/test.yaml b/tests/exception-policy-defrag-01/test.yaml
index 22be53c71c05f0610cb84c49a21d615ddcbddc00..9daab62979598e5e4b6442cd0e30f3ca766d27b1 100644 (file)
--- a/tests/exception-policy-defrag-01/test.yaml
+++ b/tests/exception-policy-defrag-01/test.yaml
@@ -34,3 +34,9 @@ checks:
         event_type: flow
         flow.action: drop
         proto: ICMP
+  - filter:
+      min-version: 7
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.defrag_memcap: 1

diff --git a/tests/exception-policy-midstream-02/suricata.yaml b/tests/exception-policy-midstream-02/suricata.yaml
index d4e75dae9886189d49ff95c93235daa1f2bb33fe..c390fff3b79ef101673a517e8b271b436d42dd04 100644 (file)
--- a/tests/exception-policy-midstream-02/suricata.yaml
+++ b/tests/exception-policy-midstream-02/suricata.yaml
@@ -17,3 +17,4 @@ outputs:
             flows: start     # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats

diff --git a/tests/exception-policy-midstream-02/test.yaml b/tests/exception-policy-midstream-02/test.yaml
index 79fe323b31f544b9f965eb8a0184286904195f18..83a2f4671a005733b2412d0ed408f43f6cd85717 100644 (file)
--- a/tests/exception-policy-midstream-02/test.yaml
+++ b/tests/exception-policy-midstream-02/test.yaml
@@ -24,3 +24,9 @@ checks:
       count: 0
       match:
         event_type: anomaly
+  - filter:
+      min-version: 7
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.stream_midstream: 1

diff --git a/tests/exception-policy-simulated-flow-memcap/test.yaml b/tests/exception-policy-simulated-flow-memcap/test.yaml
index 11632c687ede8169242c28f2b9424a87189381f3..2429daf06aefc24dd7f75aabcbef9853e86c72ad 100644 (file)
--- a/tests/exception-policy-simulated-flow-memcap/test.yaml
+++ b/tests/exception-policy-simulated-flow-memcap/test.yaml
@@ -30,3 +30,9 @@ checks:
       match:
         event_type: stats
         stats.tcp.midstream_pickups: 1
+  - filter:
+      min-version: 7
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.flow_memcap: 1

diff --git a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml
index dfccb8afa643b645d9977f7c442e1fc612fbbf3b..aa46e9763db8e3a36d9fafbc42727277508111a3 100644 (file)
--- a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml
+++ b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml
@@ -20,6 +20,8 @@ outputs:
             flows: all       # start or all: 'start' logs only a single drop
                              # per flow direction. All logs each dropped pkt.
         - flow
+        - stats
+
 action-order:
   - pass
   - drop

diff --git a/tests/exception-policy-stream-ssn-memcap-01/test.yaml b/tests/exception-policy-stream-ssn-memcap-01/test.yaml
index 830934f48e4c4ebb68ba8cc18507e205539ddc04..88576cade7a7dbc031efc0fd372035c31a847495 100644 (file)
--- a/tests/exception-policy-stream-ssn-memcap-01/test.yaml
+++ b/tests/exception-policy-stream-ssn-memcap-01/test.yaml
@@ -47,3 +47,9 @@ checks:
       match:
         event_type: flow
         flow.action: drop
+  - filter:
+      min-version: 7
+      count: 1
+      match:
+        event_type: stats
+        stats.ips.drop_reason.stream_memcap: 1