7 files changed, 31 insertions, 0 deletions

diff --git a/tests/testruns/1.parse1 b/tests/testruns/1.parse1
new file mode 100644
index 00000000..5ae655e6
--- /dev/null
+++ b/tests/testruns/1.parse1
@@ -0,0 +1,3 @@
+<167>Mar  6 16:57:54 172.20.245.8 %PIX-7-710005: UDP request discarded from SERVER1/2741 to test_app:255.255.255.255/61601
+167,local4,debug,Mar  6 16:57:54,172.20.245.8,%PIX-7-710005,%PIX-7-710005:, UDP request discarded from SERVER1/2741 to test_app:255.255.255.255/61601
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/parser.conf b/tests/testruns/parser.conf
new file mode 100644
index 00000000..0fb7d16d
--- /dev/null
+++ b/tests/testruns/parser.conf
@@ -0,0 +1,9 @@
+$ModLoad ../plugins/omstdout/.libs/omstdout
+$ModLoad ../plugins/imudp/.libs/imudp
+$UDPServerRun 12514
+
+$ErrorMessagesToStderr off
+
+# use a special format that we can easily parse in expect
+$template expect,"%PRI%,%syslogfacility-text%,%syslogseverity-text%,%timestamp%,%hostname%,%programname%,%syslogtag%,%msg%\n"
+*.* :omstdout:;expect
diff --git a/tests/testruns/rfc3164.parse1 b/tests/testruns/rfc3164.parse1
new file mode 100644
index 00000000..e7a5fa18
--- /dev/null
+++ b/tests/testruns/rfc3164.parse1
@@ -0,0 +1,4 @@
+<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8
+34,auth,crit,Oct 11 22:14:15,mymachine,su,su:, 'su root' failed for lonvick on /dev/pts/8
+#Example from RFC3164, section 5.4
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-1.parse1 b/tests/testruns/rfc5424-1.parse1
new file mode 100644
index 00000000..23836c9f
--- /dev/null
+++ b/tests/testruns/rfc5424-1.parse1
@@ -0,0 +1,3 @@
+#Example from RFC5424, section 6.5 / sample 1
+<34>1 2003-10-11T22:14:15.003Z mymachine.example.com su - ID47 - BOM'su root' failed for lonvick on /dev/pts/8
+34,auth,crit,Oct 11 22:14:15,mymachine.example.com,,su,- BOM'su root' failed for lonvick on /dev/pts/8
diff --git a/tests/testruns/rfc5424-2.parse1 b/tests/testruns/rfc5424-2.parse1
new file mode 100644
index 00000000..a86fbc35
--- /dev/null
+++ b/tests/testruns/rfc5424-2.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-08-24T05:14:15.000003-07:00 192.0.2.1 myproc 8710 - - %% It's time to make the do-nuts.
+165,local4,notice,Aug 24 05:14:15,192.0.2.1,,myproc[8710],- %% It's time to make the do-nuts.
+#Example from RFC5424, section 6.5 / sample 2
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-3.parse1 b/tests/testruns/rfc5424-3.parse1
new file mode 100644
index 00000000..6ad4073d
--- /dev/null
+++ b/tests/testruns/rfc5424-3.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource= "Application" eventID="1011"][examplePriority@32473 class="high"]
+165,local4,notice,Oct 11 22:14:15,mymachine.example.com,,evntslog,
+#Example from RFC5424, section 6.5 / sample 4
+#Only the first two lines are important, you may place anything behind them!
diff --git a/tests/testruns/rfc5424-4.parse1 b/tests/testruns/rfc5424-4.parse1
new file mode 100644
index 00000000..ecf27e14
--- /dev/null
+++ b/tests/testruns/rfc5424-4.parse1
@@ -0,0 +1,4 @@
+<165>1 2003-10-11T22:14:15.003Z mymachine.example.com evntslog - ID47 [exampleSDID@32473 iut="3" eventSource= "Application" eventID="1011"] BOMAn application event log entry...
+165,local4,notice,Oct 11 22:14:15,mymachine.example.com,,evntslog,BOMAn application event log entry...
+#Example from RFC5424, section 6.5 / sample 3
+#Only the first two lines are important, you may place anything behind them!