static void test_log_message_merge_unset_value(void) { LogMessage *msg; GPtrArray *context = g_ptr_array_sized_new(0); msg = construct_merge_base_message(); g_ptr_array_add(context, construct_merged_message("merged", "mergedvalue")); log_msg_merge_context(msg, (LogMessage **) context->pdata, context->len); assert_log_message_value_by_name(msg, "base", "basevalue"); assert_log_message_value_by_name(msg, "merged", "mergedvalue"); g_ptr_array_foreach(context, (GFunc) log_msg_unref, NULL); g_ptr_array_free(context, TRUE); log_msg_unref(msg); }
static void assert_log_message_name_values_with_options(TestParserOptions *options, const gchar *input, TestNameValue *expected, gsize number_of_expected) { LogParser *parser = create_parser(options); LogMessage *msg = parse_str_into_log_message(parser, input); for (int i=0; i < number_of_expected; i++) assert_log_message_value_by_name(msg, expected[i].name, expected[i].value); log_msg_unref(msg); destroy_parser(parser); }
static void test_kv_parser_audit(void) { LogMessage *msg; msg = parse_kv_into_log_message("type=EXECVE msg=audit(1436899154.146:186135): argc=6 a0=\"modprobe\" a1=\"--set-version=3.19.0-22-generic\" a2=\"--ignore-install\" a3=\"--quiet\" a4=\"--show-depends\" a5=\"sata_sis\""); assert_log_message_value_by_name(msg, "type", "EXECVE"); assert_log_message_value_by_name(msg, "msg", "audit(1436899154.146:186135):"); assert_log_message_value_by_name(msg, "argc", "6"); assert_log_message_value_by_name(msg, "a0", "modprobe"); assert_log_message_value_by_name(msg, "a1", "--set-version=3.19.0-22-generic"); assert_log_message_value_by_name(msg, "a2", "--ignore-install"); assert_log_message_value_by_name(msg, "a3", "--quiet"); assert_log_message_value_by_name(msg, "a4", "--show-depends"); assert_log_message_value_by_name(msg, "a5", "sata_sis"); log_msg_unref(msg); msg = parse_kv_into_log_message("type=LOGIN msg=audit(1437419821.034:2972): pid=4160 uid=0 auid=0 ses=221 msg='op=PAM:session_close acct=\"root\" exe=\"/usr/sbin/cron\" hostname=? addr=? terminal=cron res=success'"); assert_log_message_value_by_name(msg, "type", "LOGIN"); /* assert_log_message_value_by_name(msg, "msg", "audit(1437419821.034:2972):"); */ assert_log_message_value_by_name(msg, "pid", "4160"); assert_log_message_value_by_name(msg, "uid", "0"); assert_log_message_value_by_name(msg, "auid", "0"); assert_log_message_value_by_name(msg, "ses", "221"); assert_log_message_value_by_name(msg, "msg", "op=PAM:session_close acct=\"root\" exe=\"/usr/sbin/cron\" hostname=? addr=? terminal=cron res=success"); log_msg_unref(msg); }