]> git.ipfire.org Git - thirdparty/suricata-verify.git/commitdiff
projects / thirdparty / suricata-verify.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 441e1ca)
pgsql: add tests for copy-out mode 2419/head
authorJuliana Fajardini <jufajardini@oisf.net>
Wed, 2 Apr 2025 23:48:09 +0000 (16:48 -0700)
committerVictor Julien <victor@inliniac.net>
Sat, 5 Apr 2025 06:11:39 +0000 (08:11 +0200)
Task #4854

tests/pgsql/pgsql-copy-data-out/input.pcap [new file with mode: 0644] patch | blob
tests/pgsql/pgsql-copy-data-out/suricata.yaml [new file with mode: 0644] patch | blob
tests/pgsql/pgsql-copy-data-out/test.yaml [new file with mode: 0644] patch | blob

diff --git a/tests/pgsql/pgsql-copy-data-out/input.pcap b/tests/pgsql/pgsql-copy-data-out/input.pcap
new file mode 100644 (file)
index 0000000..9618ef9
Binary files /dev/null and b/tests/pgsql/pgsql-copy-data-out/input.pcap differ
diff --git a/tests/pgsql/pgsql-copy-data-out/suricata.yaml b/tests/pgsql/pgsql-copy-data-out/suricata.yaml
new file mode 100644 (file)
index 0000000..bade989
--- /dev/null
+++ b/tests/pgsql/pgsql-copy-data-out/suricata.yaml
@@ -0,0 +1,18 @@
+%YAML 1.1
+---
+
+outputs:
+  - eve-log:
+      enabled: yes
+      filetype: regular
+      filename: eve.json
+      types:
+        - pgsql:
+            passwords: false
+
+app-layer:
+  protocols:
+    pgsql:
+      enabled: yes
+      stream-depth: 0
+
diff --git a/tests/pgsql/pgsql-copy-data-out/test.yaml b/tests/pgsql/pgsql-copy-data-out/test.yaml
new file mode 100644 (file)
index 0000000..7bb7d63
--- /dev/null
+++ b/tests/pgsql/pgsql-copy-data-out/test.yaml
@@ -0,0 +1,21 @@
+requires:
+  min-version: 8
+
+args:
+- -k none
+
+checks:
+- filter:
+    count: 5
+    match:
+      event_type: pgsql
+- filter:
+    count: 1
+    match:
+      event_type: pgsql
+      pgsql.request.simple_query: "COPY (SELECT * FROM rules WHERE source = 'tgreen/hunting' LIMIT 5) TO STDOUT"
+      pgsql.response.command_completed: COPY 5
+      pgsql.response.copy_data_out.row_count: 5
+      pgsql.response.copy_data_out.data_size: 2779
+      pgsql.tx_id: 4
+      proto: TCP
Mirror of https://github.com/OISF/suricata-verify.git