upstream/suricata
1
0
Fork 0
mirror of https://github.com/OISF/suricata.git synced 2026-05-28 04:32:12 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

qa/live: update tests for fw stats counters

Browse source 
Part of
Ticket #7699
This commit is contained in:
Juliana Fajardini 2026-05-21 16:58:14 -03:00 committed by Victor Julien
parent 64b7965ca1
commit cf790def8e
2 changed files with 6 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
qa/live/netns/afp-fw-netns-bridge.sh
View file

@ -248,8 +248,8 @@ SID201=$(jq -c 'select(.alert.signature_id==201)' ./eve.json | wc -l)
SID202=$(jq -c 'select(.alert.signature_id==202)' ./eve.json | wc -l)
echo "SID201 $SID201 SID202 $SID202"
ACCEPTED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.ips.accepted')
BLOCKED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.ips.blocked')
ACCEPTED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.firewall.accepted')
BLOCKED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.firewall.blocked')
KERNEL_PACKETS=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.capture.kernel_packets')
echo "ACCEPTED $ACCEPTED BLOCKED $BLOCKED KERNEL_PACKETS $KERNEL_PACKETS"
@ -303,6 +303,7 @@ fi
echo "* dumping some stats..."
cat ./eve.json | jq -c 'select(.http)'|tail -n1|jq
cat ./eve.json | jq -c 'select(.stats)|.stats.ips'|tail -n1|jq
cat ./eve.json | jq -c 'select(.stats)|.stats.firewall'|tail -n1|jq
cat ./eve.json | jq -c 'select(.stats)|.stats.capture'|tail -n1|jq
echo "* dumping some stats... done"

5
qa/live/netns/nfq-fw-netns-route.sh
View file

@ -268,8 +268,8 @@ SID201=$(jq -c 'select(.alert.signature_id==201)' ./eve.json | wc -l)
SID202=$(jq -c 'select(.alert.signature_id==202)' ./eve.json | wc -l)
echo "SID201 $SID201 SID202 $SID202"
ACCEPTED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.ips.accepted')
BLOCKED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.ips.blocked')
ACCEPTED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.firewall.accepted')
BLOCKED=$(jq -c 'select(.event_type == "stats")' ./eve.json | tail -n1 | jq '.stats.firewall.blocked')
echo "ACCEPTED $ACCEPTED BLOCKED $BLOCKED"
if [ $ACCEPTED -eq 0 ]; then
@ -317,6 +317,7 @@ fi
echo "* dumping some stats..."
cat ./eve.json | jq -c 'select(.http)'|tail -n1|jq
cat ./eve.json | jq -c 'select(.stats)|.stats.firewall'|tail -n1|jq
cat ./eve.json | jq -c 'select(.stats)|.stats.ips'|tail -n1|jq
echo "* dumping some stats... done"