1234567891011121314151617181920212223242526272829303132333435363738 |
- use strict;
- use warnings;
- use lib 'lib';
- use Test::More;
- use Test::Deep;
- use Audit::Log;
- use List::Util 1.45 qw{uniq};
- my $parser = Audit::Log->new('t/audit.log','name','type','nametype','line','timestamp', 'cwd', 'exe', 'comm');
- my $rows = $parser->search( type => qr/path/i, nametype => qr/create|delete/i, name => qr/^backups\/[^\.]/, key => qr/backupwatch/, older => 1642448670, newer => 1642441403 );
- my $expected = [
- {
- 'line' => 3,
- 'timestamp' => '1642441406.575',
- 'type' => 'PATH',
- 'nametype' => 'CREATE',
- 'name' => 'backups/test.txt',
- 'cwd' => '/testpath',
- 'exe' => '/usr/bin/touch',
- 'comm' => 'touch',
- },
- {
- 'type' => 'PATH',
- 'timestamp' => '1642441412.975',
- 'line' => 8,
- 'name' => 'backups/testme.txt',
- 'nametype' => 'DELETE',
- 'cwd' => '/testpath',
- 'exe' => '/usr/bin/rm',
- 'comm' => 'rm',
- }
- ];
- is_deeply($rows,$expected,"Parser works as expected");
- done_testing();
|