From: Philippe Antoine <contact@catenacyber.fr>
Date: Wed, 29 Jun 2022 19:23:47 +0000 (+0200)
Subject: snmp: adds rule check about snmp.usm keyword
X-Git-Tag: suricata-5.0.10~4
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=aabe621c77b72a063bb922d71051bd4e80c87068;p=thirdparty%2Fsuricata-verify.git

snmp: adds rule check about snmp.usm keyword
---

diff --git a/tests/snmp-v3-encrypted/min7.rules b/tests/snmp-v3-encrypted/min7.rules
new file mode 100644
index 000000000..adc6ce18a
--- /dev/null
+++ b/tests/snmp-v3-encrypted/min7.rules
@@ -0,0 +1 @@
+alert snmp any any -> any any (snmp.usm; content:"admin"; sid:1;)
diff --git a/tests/snmp-v3-encrypted/test.yaml b/tests/snmp-v3-encrypted/test.yaml
index 2f51f296b..d823bb6dd 100644
--- a/tests/snmp-v3-encrypted/test.yaml
+++ b/tests/snmp-v3-encrypted/test.yaml
@@ -29,3 +29,9 @@ checks:
        event_type: snmp
        snmp.pdu_type: encrypted
        snmp.version: 3
+ - filter:
+     min-version: 7
+     count: 8
+     match:
+       event_type: alert
+       alert.signature_id: 1