/** * Copyright (c) 2014-present, Facebook, Inc. * All rights reserved. * * This source code is licensed in accordance with the terms specified in * the LICENSE file found in the root directory of this source tree. */ // Sanity check integration test for windows_events // Spec file: specs/windows/windows_events.table #include namespace osquery { namespace table_tests { class windowsEvents : public testing::Test { protected: void SetUp() override { setUpEnvironment(); } }; TEST_F(windowsEvents, test_sanity) { // 1. Query data auto const data = execute_query("select * from windows_events"); // 2. Check size before validation // ASSERT_GE(data.size(), 0ul); // ASSERT_EQ(data.size(), 1ul); // ASSERT_EQ(data.size(), 0ul); // 3. Build validation map // See helper.h for avaialbe flags // Or use custom DataCheck object // ValidationMap row_map = { // {"time", IntType} // {"datetime", NormalType} // {"source", NormalType} // {"provider_name", NormalType} // {"provider_guid", NormalType} // {"eventid", IntType} // {"task", IntType} // {"level", IntType} // {"keywords", IntType} // {"data", NormalType} // {"eid", NormalType} //} // 4. Perform validation // validate_rows(data, row_map); } } // namespace table_tests } // namespace osquery