From: Juliana Fajardini Date: Tue, 24 Jun 2025 19:01:11 +0000 (-0300) Subject: tests: update for exceptions stats counters X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F2620%2Fhead;p=thirdparty%2Fsuricata-verify.git tests: update for exceptions stats counters Related to backport ticket Task #6509 --- diff --git a/tests/exception-policy-applayer-01/suricata.yaml b/tests/exception-policy-applayer-01/suricata.yaml index f78de69fe..0f00268ae 100644 --- a/tests/exception-policy-applayer-01/suricata.yaml +++ b/tests/exception-policy-applayer-01/suricata.yaml @@ -4,6 +4,8 @@ stats: enabled: yes interval: 8 + exception-policy: + global-stats: true outputs: - eve-log: diff --git a/tests/exception-policy-applayer-01/test.yaml b/tests/exception-policy-applayer-01/test.yaml index 35c8f7f25..77b3b4b27 100644 --- a/tests/exception-policy-applayer-01/test.yaml +++ b/tests/exception-policy-applayer-01/test.yaml @@ -53,12 +53,13 @@ checks: event_type: stats stats.ips.drop_reason.applayer_error: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats stats.exception_policy.app_layer.error.drop_flow: 1 stats.exception_policy.app_layer.error.pass_flow: 0 + not-has-key: stats.app_layer.error.tls.exception_policy.drop_flow - filter: min-version: 8 count: 1 diff --git a/tests/exception-policy-applayer-02/suricata.yaml b/tests/exception-policy-applayer-02/suricata.yaml index aedf26e36..d4e88fb3e 100644 --- a/tests/exception-policy-applayer-02/suricata.yaml +++ b/tests/exception-policy-applayer-02/suricata.yaml @@ -37,4 +37,5 @@ stats: enabled: yes interval: 8 exception-policy: + global-stats: true per-app-proto-errors: true diff --git a/tests/exception-policy-applayer-02/test.yaml b/tests/exception-policy-applayer-02/test.yaml index a45b97e5a..774f5fc4e 100644 --- a/tests/exception-policy-applayer-02/test.yaml +++ b/tests/exception-policy-applayer-02/test.yaml @@ -42,12 +42,13 @@ checks: event_type: flow flow.action: drop - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats stats.app_layer.error.tls.exception_policy.pass_packet: 1 stats.app_layer.error.tls.exception_policy.drop_packet: 0 + stats.exception_policy.app_layer.error.pass_packet: 1 - filter: min-version: 8 count: 1 diff --git a/tests/exception-policy-applayer-03/suricata.yaml b/tests/exception-policy-applayer-03/suricata.yaml index 2f6b63692..cc8b6a128 100644 --- a/tests/exception-policy-applayer-03/suricata.yaml +++ b/tests/exception-policy-applayer-03/suricata.yaml @@ -41,4 +41,5 @@ stats: enabled: yes interval: 8 exception-policy: + global-stats: true per-app-proto-errors: true diff --git a/tests/exception-policy-applayer-03/test.yaml b/tests/exception-policy-applayer-03/test.yaml index 62d916e01..286599722 100644 --- a/tests/exception-policy-applayer-03/test.yaml +++ b/tests/exception-policy-applayer-03/test.yaml @@ -1,5 +1,5 @@ requires: - min-version: 8 + min-version: 7.0.12 features: - DEBUG pcap: ../bittorrent-dht/input.pcap @@ -72,6 +72,7 @@ checks: stats.exception_policy.app_layer.error.pass_packet: 1 stats.exception_policy.app_layer.error.drop_packet: 0 - filter: + min-version: 8 count: 1 match: event_type: flow diff --git a/tests/exception-policy-default-01/suricata.yaml b/tests/exception-policy-default-01/suricata.yaml index a84c70055..a582aac66 100644 --- a/tests/exception-policy-default-01/suricata.yaml +++ b/tests/exception-policy-default-01/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-default-01/test.yaml b/tests/exception-policy-default-01/test.yaml index 4391585ae..a1f731d09 100644 --- a/tests/exception-policy-default-01/test.yaml +++ b/tests/exception-policy-default-01/test.yaml @@ -29,3 +29,9 @@ checks: event_type: flow not-has-key: flow.exception_policy[0].target not-has-key: flow.exception_policy[0].policy + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + not-has-key: stats.exception_policy diff --git a/tests/exception-policy-default-03/suricata.yaml b/tests/exception-policy-default-03/suricata.yaml index 1c39e6c37..5a86dcd0f 100644 --- a/tests/exception-policy-default-03/suricata.yaml +++ b/tests/exception-policy-default-03/suricata.yaml @@ -1,6 +1,9 @@ %YAML 1.1 --- +stats: + enabled: true + outputs: - eve-log: enabled: yes @@ -23,6 +26,7 @@ outputs: header: X-Forwarded-For - flow - http + - stats - drop: alerts: yes flows: all diff --git a/tests/exception-policy-default-03/test.yaml b/tests/exception-policy-default-03/test.yaml index c244dda35..2cddd8c16 100644 --- a/tests/exception-policy-default-03/test.yaml +++ b/tests/exception-policy-default-03/test.yaml @@ -43,3 +43,17 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "drop_flow" + - filter: + min-version: 8 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.midstream.drop_flow: 1 + # in Suricata 7, the exception policy stats counters can be disabled + - filter: + min-version: 7.0.12 + lt-version: 8 + count: 1 + match: + event_type: stats + not-has-key: stats.exception_policy diff --git a/tests/exception-policy-defrag-01/suricata.yaml b/tests/exception-policy-defrag-01/suricata.yaml index aa46e9763..ed429c882 100644 --- a/tests/exception-policy-defrag-01/suricata.yaml +++ b/tests/exception-policy-defrag-01/suricata.yaml @@ -22,6 +22,10 @@ outputs: - flow - stats +stats: + exception-policy: + global-stats: true + action-order: - pass - drop diff --git a/tests/exception-policy-defrag-01/test.yaml b/tests/exception-policy-defrag-01/test.yaml index 9c0ceabf5..2750a7ff0 100644 --- a/tests/exception-policy-defrag-01/test.yaml +++ b/tests/exception-policy-defrag-01/test.yaml @@ -39,7 +39,7 @@ checks: event_type: stats stats.ips.drop_reason.defrag_memcap: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml index c615582f8..db6536fe9 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-01/suricata.yaml @@ -34,3 +34,7 @@ outputs: filename: stats.log append: yes +stats: + exception-policy: + global-stats: true + diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml index acc59148c..e072344d6 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-01/test.yaml @@ -43,7 +43,7 @@ checks: flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "drop_flow" - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml index 1f3898223..07c578942 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-04/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes @@ -23,6 +27,7 @@ outputs: header: X-Forwarded-For - flow - http + - stats - drop: alerts: yes flows: all diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml index eeb36937d..b907f784c 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-04/test.yaml @@ -33,3 +33,9 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "pass_flow" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.midstream.pass_flow: 1 diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml index 17e07b85a..8a29066ec 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-06/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes @@ -23,6 +27,7 @@ outputs: header: X-Forwarded-For - flow - http + - stats - drop: alerts: yes flows: all diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml index 756bfb638..79cd4cced 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-06/test.yaml @@ -43,3 +43,10 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "ignore" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.drop_flow: 0 + not-has-key: stats.exception_policy.tcp.midstream diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml index bd9e2147b..c5bbe3e8a 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-07/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes @@ -23,6 +27,7 @@ outputs: header: X-Forwarded-For - flow - http + - stats - drop: alerts: yes flows: all diff --git a/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml b/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml index 756bfb638..6a59a209c 100644 --- a/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml +++ b/tests/exception-policy-master-switch/exception-policy-master-switch-07/test.yaml @@ -43,3 +43,10 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "ignore" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + not-has-key: stats.exception_policy.tcp.midstream + diff --git a/tests/exception-policy-midstream-01/suricata.yaml b/tests/exception-policy-midstream-01/suricata.yaml index 6ffa252bb..9d62a8033 100644 --- a/tests/exception-policy-midstream-01/suricata.yaml +++ b/tests/exception-policy-midstream-01/suricata.yaml @@ -3,6 +3,8 @@ stats: enabled: yes + exception-policy: + global-stats: true outputs: - eve-log: diff --git a/tests/exception-policy-midstream-01/test.yaml b/tests/exception-policy-midstream-01/test.yaml index 26fbcf3b9..05a9a9b70 100644 --- a/tests/exception-policy-midstream-01/test.yaml +++ b/tests/exception-policy-midstream-01/test.yaml @@ -19,7 +19,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-midstream-02/suricata.yaml b/tests/exception-policy-midstream-02/suricata.yaml index c390fff3b..b463dd27c 100644 --- a/tests/exception-policy-midstream-02/suricata.yaml +++ b/tests/exception-policy-midstream-02/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-midstream-02/test.yaml b/tests/exception-policy-midstream-02/test.yaml index 9b8caa054..2c69d0954 100644 --- a/tests/exception-policy-midstream-02/test.yaml +++ b/tests/exception-policy-midstream-02/test.yaml @@ -31,7 +31,7 @@ checks: event_type: stats stats.ips.drop_reason.stream_midstream: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-midstream-04/suricata.yaml b/tests/exception-policy-midstream-04/suricata.yaml index e318821f8..bf3a180c2 100644 --- a/tests/exception-policy-midstream-04/suricata.yaml +++ b/tests/exception-policy-midstream-04/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-midstream-04/test.yaml b/tests/exception-policy-midstream-04/test.yaml index 0b71f0462..e47c1333d 100644 --- a/tests/exception-policy-midstream-04/test.yaml +++ b/tests/exception-policy-midstream-04/test.yaml @@ -20,7 +20,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-midstream-05/suricata.yaml b/tests/exception-policy-midstream-05/suricata.yaml index 64b32f334..b994fe2b7 100644 --- a/tests/exception-policy-midstream-05/suricata.yaml +++ b/tests/exception-policy-midstream-05/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-midstream-05/test.yaml b/tests/exception-policy-midstream-05/test.yaml index 56304546c..4fbba7bea 100644 --- a/tests/exception-policy-midstream-05/test.yaml +++ b/tests/exception-policy-midstream-05/test.yaml @@ -19,7 +19,7 @@ checks: match: event_type: http - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-midstream-06/suricata.yaml b/tests/exception-policy-midstream-06/suricata.yaml index ca0134c6b..4f94ed11e 100644 --- a/tests/exception-policy-midstream-06/suricata.yaml +++ b/tests/exception-policy-midstream-06/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-midstream-06/test.yaml b/tests/exception-policy-midstream-06/test.yaml index 03122264c..084613b0f 100644 --- a/tests/exception-policy-midstream-06/test.yaml +++ b/tests/exception-policy-midstream-06/test.yaml @@ -17,7 +17,7 @@ checks: event_type: flow flow.action: drop - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-reject-action-01/suricata.yaml b/tests/exception-policy-reject-action-01/suricata.yaml index d672946e9..d8f4722e9 100644 --- a/tests/exception-policy-reject-action-01/suricata.yaml +++ b/tests/exception-policy-reject-action-01/suricata.yaml @@ -8,6 +8,11 @@ outputs: - alert: - flow - http + - stats - drop: alerts: yes flows: all + +stats: + exception-policy: + global-stats: true diff --git a/tests/exception-policy-reject-action-01/test.yaml b/tests/exception-policy-reject-action-01/test.yaml index 5809415d0..a1cda30d1 100644 --- a/tests/exception-policy-reject-action-01/test.yaml +++ b/tests/exception-policy-reject-action-01/test.yaml @@ -25,3 +25,9 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_midstream" flow.exception_policy[0].policy: "reject" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.midstream.reject: 1 diff --git a/tests/exception-policy-simulated-flow-memcap/suricata.yaml b/tests/exception-policy-simulated-flow-memcap/suricata.yaml index 6baf208c7..e9aab5f9a 100644 --- a/tests/exception-policy-simulated-flow-memcap/suricata.yaml +++ b/tests/exception-policy-simulated-flow-memcap/suricata.yaml @@ -3,6 +3,8 @@ stats: enabled: yes + exception-policy: + global-stats: true outputs: - eve-log: diff --git a/tests/exception-policy-simulated-flow-memcap/test.yaml b/tests/exception-policy-simulated-flow-memcap/test.yaml index d297e0d28..56fac5be2 100644 --- a/tests/exception-policy-simulated-flow-memcap/test.yaml +++ b/tests/exception-policy-simulated-flow-memcap/test.yaml @@ -33,7 +33,7 @@ checks: event_type: stats stats.ips.drop_reason.flow_memcap: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats diff --git a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml index 1c09123ac..30bc85d71 100644 --- a/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-01/suricata.yaml @@ -3,6 +3,8 @@ stats: enabled: yes + exception-policy: + global-stats: true outputs: - eve-log: diff --git a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml index 8e59d36b7..ad59cf1c8 100644 --- a/tests/exception-policy-stream-reassembly-memcap-01/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-01/test.yaml @@ -48,10 +48,12 @@ checks: event_type: flow flow.action: drop - filter: + min-version: 7.0.12 count: 1 match: event_type: stats stats.ips.drop_reason.stream_reassembly: 1 + stats.exception_policy.tcp.reassembly.drop_flow: 1 - filter: min-version: 8 count: 1 diff --git a/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml index dfccb8afa..67c3f4f34 100644 --- a/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-02/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes @@ -20,6 +24,7 @@ outputs: flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - flow + - stats action-order: - pass - drop diff --git a/tests/exception-policy-stream-reassembly-memcap-02/test.yaml b/tests/exception-policy-stream-reassembly-memcap-02/test.yaml index 0a027ae19..95e257d04 100644 --- a/tests/exception-policy-stream-reassembly-memcap-02/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-02/test.yaml @@ -41,3 +41,10 @@ checks: flow.exception_policy[0].policy: "pass_flow" flow.exception_policy[1].target: "app_layer_error" flow.exception_policy[1].policy: "ignore" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.pass_flow: 1 + not-has-key: stats.app_layer.error.tls.exception_policy diff --git a/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml index dfccb8afa..ed429c882 100644 --- a/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-03/suricata.yaml @@ -20,6 +20,12 @@ outputs: flows: all # start or all: 'start' logs only a single drop # per flow direction. All logs each dropped pkt. - flow + - stats + +stats: + exception-policy: + global-stats: true + action-order: - pass - drop diff --git a/tests/exception-policy-stream-reassembly-memcap-03/test.yaml b/tests/exception-policy-stream-reassembly-memcap-03/test.yaml index 6756a2ee1..0ceed1d6a 100644 --- a/tests/exception-policy-stream-reassembly-memcap-03/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-03/test.yaml @@ -37,3 +37,9 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_reassembly_memcap" flow.exception_policy[0].policy: "bypass" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.bypass: 1 diff --git a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml index aac4c605a..626211544 100644 --- a/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-04/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml index 8e59d36b7..d13ce3bdf 100644 --- a/tests/exception-policy-stream-reassembly-memcap-04/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-04/test.yaml @@ -59,3 +59,9 @@ checks: event_type: flow flow.exception_policy[0].target: "stream_reassembly_memcap" flow.exception_policy[0].policy: "drop_flow" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.drop_flow: 1 diff --git a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml index aac4c605a..626211544 100644 --- a/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-05/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml index 70a1e56fb..7ffe07f20 100644 --- a/tests/exception-policy-stream-reassembly-memcap-05/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-05/test.yaml @@ -62,3 +62,10 @@ checks: flow.exception_policy[0].policy: "drop_packet" flow.exception_policy[1].target: "app_layer_error" flow.exception_policy[1].policy: "ignore" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.drop_packet: 1 + not-has-key: stats.exception_policy.app_layer.error diff --git a/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml b/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml index 8894da2d2..37a8865a9 100644 --- a/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-06/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-stream-reassembly-memcap-06/test.yaml b/tests/exception-policy-stream-reassembly-memcap-06/test.yaml index ab4c833c4..e34e39cd2 100644 --- a/tests/exception-policy-stream-reassembly-memcap-06/test.yaml +++ b/tests/exception-policy-stream-reassembly-memcap-06/test.yaml @@ -48,7 +48,7 @@ checks: event_type: flow flow.action: drop - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats @@ -62,3 +62,10 @@ checks: flow.exception_policy[0].policy: "pass_packet" flow.exception_policy[1].target: "app_layer_error" flow.exception_policy[1].policy: "ignore" + - filter: + min-version: 7.0.12 + count: 1 + match: + event_type: stats + stats.exception_policy.tcp.reassembly.pass_packet: 1 + not-has-key: stats.exception_policy.app_layer.error diff --git a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml index aa46e9763..73c956016 100644 --- a/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml +++ b/tests/exception-policy-stream-ssn-memcap-01/suricata.yaml @@ -1,6 +1,10 @@ %YAML 1.1 --- +stats: + exception-policy: + global-stats: true + outputs: - eve-log: enabled: yes diff --git a/tests/exception-policy-stream-ssn-memcap-01/test.yaml b/tests/exception-policy-stream-ssn-memcap-01/test.yaml index 2fbb4b9b2..4726fa032 100644 --- a/tests/exception-policy-stream-ssn-memcap-01/test.yaml +++ b/tests/exception-policy-stream-ssn-memcap-01/test.yaml @@ -52,7 +52,7 @@ checks: event_type: stats stats.ips.drop_reason.stream_memcap: 1 - filter: - min-version: 8 + min-version: 7.0.12 count: 1 match: event_type: stats