package org.araqne.logparser.syslog.forescout; import static org.junit.Assert.assertEquals; import java.util.HashMap; import java.util.Map; import org.junit.Test; public class CounterActLogParserTest { @Test public void testSample() { String line = "NAC-HELLO[19573]: NAC Policy Log: Source: 1.2.3.4, Rule: Policy \"룰\" , Details: Host cleared from policy. Status was \"상태\". Reason: Host identity changed."; HashMap<String, Object> log = new HashMap<String, Object>(); log.put("line", line); CounterActLogParser p = new CounterActLogParser(); Map<String, Object> m = p.parse(log); assertEquals("HELLO", m.get("nac_name")); assertEquals("NAC Policy Log", m.get("nac_log_type")); assertEquals("Policy \"룰\"", m.get("nac_rule")); } @Test public void testSample2() { String line = "Jul 13 15:50:01 HOHO desc"; HashMap<String, Object> log = new HashMap<String, Object>(); log.put("line", line); CounterActLogParser p = new CounterActLogParser(); Map<String, Object> m = p.parse(log); assertEquals("Jul 13 15:50:01", m.get("time")); assertEquals("HOHO", m.get("nac_name")); assertEquals("desc", m.get("description")); } @Test public void testSample3() { String line = "NAC-BYE[10870]: Block Event: Host: 1.2.3.4, Target: 5.6.7.8, Time 1437628591, Service: 1111/TCP, Is Virtual Firewall blocking rule: true, Reason: Virtual Firewall - Limit Inbound"; HashMap<String, Object> log = new HashMap<String, Object>(); log.put("line", line); CounterActLogParser p = new CounterActLogParser(); Map<String, Object> m = p.parse(log); assertEquals("BYE", m.get("nac_name")); } }