author | Timo Sigurdsson <public_timo.s@silentcreek.de> | 2020-10-11 03:25:37 +0300 |
---|---|---|
committer | Timo Sigurdsson <public_timo.s@silentcreek.de> | 2020-10-11 03:25:37 +0300 |
commit | 15799cf57e28e60ce87b11b5a40565da8ccdb26a (patch) | |
tree | 209dba852e8619f01df76dfa5f52838110142326 /include/tests_tooling | |
parent | b069d4cda80b737d774a5475a4b73a453957ede3 (diff) |

Add test for Suricata IDS/IPS

Commit 94e0a4e added a test for the Suricata binary, but the result appears to
be used nowhere. Add a proper test for an active Suricata daemon in the
IDS/IPS tooling section.

Signed-off-by: Timo Sigurdsson <public_timo.s@silentcreek.de>

Diffstat (limited to 'include/tests_tooling')
-rw-r--r-- | include/tests_tooling | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/include/tests_tooling b/include/tests_tooling index 7fed8460..c70ac847 100644 --- a/include/tests_tooling +++ b/include/tests_tooling @@ -373,6 +373,33 @@ # ################################################################################# # + # Test : TOOL-5130 + # Description : Check for Suricata + Register --test-no TOOL-5130 --weight L --network NO --category security --description "Check for active Suricata daemon" + if [ ${SKIPTEST} -eq 0 ]; then + # Suricata presence + if [ -n "${SURICATABINARY}" ]; then + Report "ids_ips_tooling[]=suricata" + LogText "Result: Suricata is installed (${SURICATABINARY})" + # Suricata status + # Suricata sets its process name to Suricata-Main on Linux, but this might differ on other platforms, + # so fall back to checking the full commandline instead if the first test fails + if IsRunning "Suricata-Main" || IsRunning --full "${SURICATABINARY} "; then + # Only satisfy test TOOL-5190 if Suricata is actually running + IDS_IPS_TOOL_FOUND=1 + LogText "Result: Suricata daemon is active" + Display --indent 2 --text "- Checking Suricata status" --result "${STATUS_RUNNING}" --color GREEN + else + LogText "Result: Suricata daemon not active" + Display --indent 2 --text "- Checking Suricata status" --result "${STATUS_NOT_RUNNING}" --color YELLOW + fi + else + LogText "Result: Suricata not installed (suricata not found)" + fi + fi +# +################################################################################# +# # Test : TOOL-5160 # Description : Check for OSSEC Register --test-no TOOL-5126 --weight L --network NO --category security --description "Check for active OSSEC daemon" |
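
Review bot: `Report "ids_ips_tooling[]=suricata"` sits in the presence branch, before the `IsRunning` check, so the report lists Suricata as IDS/IPS tooling even when the daemon is not active, while `IDS_IPS_TOOL_FOUND=1` is only set in the running branch. If the intent stated in the comment ("Only satisfy test TOOL-5190 if Suricata is actually running") should also apply to the report field, move the `Report` line into the running branch; otherwise add a short comment that the field records presence rather than activity. The fallback `IsRunning --full "${SURICATABINARY} "` depends on a trailing space after the binary path, which deserves a comment explaining why it is there and what happens if the daemon was started through a different path than the one detected. Separately, the unchanged context at the end of the hunk has a header reading `TOOL-5160` while its `Register` line uses `--test-no TOOL-5126`; worth confirming which ID is intended.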