mirror of
https://github.com/valitydev/osquery-1.git
synced 2024-11-07 09:58:54 +00:00
57 lines
1.5 KiB
C++
57 lines
1.5 KiB
C++
/**
|
|
* Copyright (c) 2014-present, Facebook, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* This source code is licensed in accordance with the terms specified in
|
|
* the LICENSE file found in the root directory of this source tree.
|
|
*/
|
|
|
|
// Sanity check integration test for process_file_events
|
|
// Spec file: specs/linux/process_file_events.table
|
|
|
|
#include <osquery/tests/integration/tables/helper.h>
|
|
|
|
namespace osquery {
|
|
namespace table_tests {
|
|
|
|
class processFileEvents : public testing::Test {
|
|
protected:
|
|
void SetUp() override {
|
|
setUpEnvironment();
|
|
}
|
|
};
|
|
|
|
TEST_F(processFileEvents, test_sanity) {
|
|
// 1. Query data
|
|
auto const data = execute_query("select * from process_file_events");
|
|
// 2. Check size before validation
|
|
// ASSERT_GE(data.size(), 0ul);
|
|
// ASSERT_EQ(data.size(), 1ul);
|
|
// ASSERT_EQ(data.size(), 0ul);
|
|
// 3. Build validation map
|
|
// See helper.h for avaialbe flags
|
|
// Or use custom DataCheck object
|
|
// ValidationMap row_map = {
|
|
// {"operation", NormalType}
|
|
// {"pid", IntType}
|
|
// {"ppid", IntType}
|
|
// {"time", IntType}
|
|
// {"executable", NormalType}
|
|
// {"partial", NormalType}
|
|
// {"cwd", NormalType}
|
|
// {"path", NormalType}
|
|
// {"dest_path", NormalType}
|
|
// {"uid", NormalType}
|
|
// {"gid", NormalType}
|
|
// {"euid", NormalType}
|
|
// {"egid", NormalType}
|
|
// {"uptime", IntType}
|
|
// {"eid", NormalType}
|
|
//}
|
|
// 4. Perform validation
|
|
// validate_rows(data, row_map);
|
|
}
|
|
|
|
} // namespace table_tests
|
|
} // namespace osquery
|