tls: add check for catch-all rule logging app-layer metadata

Ticket: 7530
OISF · Dec 2, 2024 · cde493b · cde493b
1 parent 09c0a3b
commit cde493b
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 0 deletions.
diff --git a/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml b/tests/firewall/firewall-06-tls-sni-enforce/suricata.yaml
@@ -15,6 +15,10 @@ stats:
   # Add stream events as stats.
   #stream-events: false
 
+detect:
+  stream-tx-log-limit: 4
+  guess-applayer-tx: true
+
 # Configure the type of alert (and other) logging you would like.
 outputs:
   - eve-log:

diff --git a/tests/firewall/firewall-06-tls-sni-enforce/test.yaml b/tests/firewall/firewall-06-tls-sni-enforce/test.yaml
@@ -14,6 +14,14 @@ checks:
     count: 26
     match:
       event_type: alert
+- filter:
+    min-version: 8
+    # check for https://redmine.openinfosecfoundation.org/issues/7350
+    count: 4
+    match:
+      event_type: alert
+      alert.signature_id: 3
+      tls.sni: raw.githubusercontent.com
 - filter:
     count: 1
     match: