From 3f87048840c053677c2f331ddbee77ccf2bbac04 Mon Sep 17 00:00:00 2001
From: Jeff Lucovsky <jeff@lucovsky.org>
Date: Sun, 23 Feb 2020 14:55:22 -0500
Subject: [PATCH] tests: Add tests for issue 3490

---
 tests/bug-3490/test.rules |  2 ++
 tests/bug-3490/test.yaml  | 17 +++++++++++++++++
 2 files changed, 19 insertions(+)
 create mode 100644 tests/bug-3490/test.rules
 create mode 100644 tests/bug-3490/test.yaml

diff --git a/tests/bug-3490/test.rules b/tests/bug-3490/test.rules
new file mode 100644
index 000000000..95078f92f
--- /dev/null
+++ b/tests/bug-3490/test.rules
@@ -0,0 +1,2 @@
+alert snmp any any -> any any (msg:"SNMP test1"; snmp.version; sid:1000003;)
+alert snmp any any -> any any (msg:"SNMP test2"; snmp.pdu_type; sid:1000007;)
diff --git a/tests/bug-3490/test.yaml b/tests/bug-3490/test.yaml
new file mode 100644
index 000000000..cd526c170
--- /dev/null
+++ b/tests/bug-3490/test.yaml
@@ -0,0 +1,17 @@
+requires:
+  # No pcap required.
+  pcap: false
+
+exit-code: 1
+
+args:
+  - --engine-analysis
+
+checks:
+    - shell:
+        args: grep "snmp.pdu_type requires a value" suricata.log| wc -l | xargs
+        expect: 1
+
+    - shell:
+        args: grep "snmp.version requires a value" suricata.log| wc -l | xargs
+        expect: 1
-- 
2.47.2