test: test for empty dns/eve formats

Test that when dns/eve "formats" is empty, it uses the default of all. Bug: #6420
OISF · Oct 30, 2023 · ee229ca · ee229ca
1 parent f0c6d49
commit ee229ca
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 0 deletions.
diff --git a/tests/dns/dns-eve-empty-format/README.md b/tests/dns/dns-eve-empty-format/README.md
@@ -0,0 +1,5 @@
+Test that emtpy EVE/DNS "formats" configuration results in the default
+of both formats.
+
+https://redmine.openinfosecfoundation.org/issues/6420
+
diff --git a/tests/dns/dns-eve-empty-format/input.pcap b/tests/dns/dns-eve-empty-format/input.pcap
diff --git a/tests/dns/dns-eve-empty-format/suricata.yaml b/tests/dns/dns-eve-empty-format/suricata.yaml
@@ -0,0 +1,11 @@
+%YAML 1.1
+---
+
+outputs:
+  - eve-log:
+      enabled: yes
+      filetype: regular
+      filename: eve.json
+      types:
+        - dns:
+            formats:
diff --git a/tests/dns/dns-eve-empty-format/test.yaml b/tests/dns/dns-eve-empty-format/test.yaml
@@ -0,0 +1,7 @@
+checks:
+  - filter:
+      count: 1
+      match:
+        pcap_cnt: 8
+        dns.answers[0].rrtype: A
+        dns.grouped.A[0]: "52.85.112.21"