blob: 7dfa32891655961cf6455ba73fb1be36714d742f
QA output created by 378
just one archive (kenj-pc-1) ...
pmie: timezone set to local timezone of host kenj-pc
print Sun Feb 8 13:02:00 2004: kenj-pc: 1.51
print Sun Feb 8 13:05:00 2004: kenj-pc: 1.71
print Sun Feb 8 13:23:00 2004: kenj-pc: 2.23
print Sun Feb 8 13:24:00 2004: kenj-pc: 2.17
print Sun Feb 8 13:25:00 2004: kenj-pc: 1.68
print Sun Feb 8 13:39:00 2004: kenj-pc: 2.08
print Sun Feb 8 14:47:00 2004: kenj-pc: 1.71
print Sun Feb 8 14:48:00 2004: kenj-pc: 1.52
print Sun Feb 8 14:49:00 2004: kenj-pc: 1.81
print Sun Feb 8 14:50:00 2004: kenj-pc: 1.55
print Sun Feb 8 14:52:00 2004: kenj-pc: 1.81
print Sun Feb 8 15:15:00 2004: kenj-pc: 1.85
print Sun Feb 8 15:16:00 2004: kenj-pc: 1.56
print Sun Feb 8 15:17:00 2004: kenj-pc: 1.53
expect error as same host ...
pmie: Error: archive src/kenj-pc-2 not legal - archive src/kenj-pc-1 is already open for host kenj-pc
other archive (naslog) ...
pmie: timezone set to local timezone of host snort
print Thu Apr 8 16:12:00 2004: snort: 3.27
print Thu Apr 8 16:13:00 2004: snort: 2.87
print Thu Apr 8 16:14:00 2004: snort: 3.17
print Thu Apr 8 16:15:00 2004: snort: 2.83
print Thu Apr 8 16:16:00 2004: snort: 3.04
print Thu Apr 8 16:17:00 2004: snort: 2.11
and now together kenj-pc-1 first ...
pmie: timezone set to local timezone of host kenj-pc
print Sun Feb 8 13:02:00 2004: kenj-pc: 1.51
print Sun Feb 8 13:05:00 2004: kenj-pc: 1.71
print Sun Feb 8 13:23:00 2004: kenj-pc: 2.23
print Sun Feb 8 13:24:00 2004: kenj-pc: 2.17
print Sun Feb 8 13:25:00 2004: kenj-pc: 1.68
print Sun Feb 8 13:39:00 2004: kenj-pc: 2.08
print Sun Feb 8 14:47:00 2004: kenj-pc: 1.71
print Sun Feb 8 14:48:00 2004: kenj-pc: 1.52
print Sun Feb 8 14:49:00 2004: kenj-pc: 1.81
print Sun Feb 8 14:50:00 2004: kenj-pc: 1.55
print Sun Feb 8 14:52:00 2004: kenj-pc: 1.81
print Sun Feb 8 15:15:00 2004: kenj-pc: 1.85
print Sun Feb 8 15:16:00 2004: kenj-pc: 1.56
print Sun Feb 8 15:17:00 2004: kenj-pc: 1.53
and now together naslog first ...
pmie: timezone set to local timezone of host snort
print Thu Apr 8 16:12:00 2004: snort: 3.27
print Thu Apr 8 16:13:00 2004: snort: 2.87
print Thu Apr 8 16:14:00 2004: snort: 3.17
print Thu Apr 8 16:15:00 2004: snort: 2.83
print Thu Apr 8 16:16:00 2004: snort: 3.04
print Thu Apr 8 16:17:00 2004: snort: 2.11
two rules, host-specific (naslog first) ...
pmie: timezone set to local timezone of host snort
print Sun Feb 8 13:02:00 2004: kenj-pc: 1.51
print Sun Feb 8 13:05:00 2004: kenj-pc: 1.71
print Sun Feb 8 13:23:00 2004: kenj-pc: 2.23
print Sun Feb 8 13:24:00 2004: kenj-pc: 2.17
print Sun Feb 8 13:25:00 2004: kenj-pc: 1.68
print Sun Feb 8 13:39:00 2004: kenj-pc: 2.08
print Sun Feb 8 14:47:00 2004: kenj-pc: 1.71
print Sun Feb 8 14:48:00 2004: kenj-pc: 1.52
print Sun Feb 8 14:49:00 2004: kenj-pc: 1.81
print Sun Feb 8 14:50:00 2004: kenj-pc: 1.55
print Sun Feb 8 14:52:00 2004: kenj-pc: 1.81
print Sun Feb 8 15:15:00 2004: kenj-pc: 1.85
print Sun Feb 8 15:16:00 2004: kenj-pc: 1.56
print Sun Feb 8 15:17:00 2004: kenj-pc: 1.53
print Thu Apr 8 16:12:00 2004: snort: 3.27
print Thu Apr 8 16:13:00 2004: snort: 2.87
print Thu Apr 8 16:14:00 2004: snort: 3.17
print Thu Apr 8 16:15:00 2004: snort: 2.83
print Thu Apr 8 16:16:00 2004: snort: 3.04
print Thu Apr 8 16:17:00 2004: snort: 2.11
and now with some_host ... only one value ever available, so >
condition is always false and some_host never gets a chance
... expect no output
pmie: timezone set to local timezone of host snort
... and it does not matter which order the archives are given
pmie: timezone set to local timezone of host kenj-pc