feat(#3792): add new timestamp case for pre-decoding tests

* feat(#3792): test case with milisecond timestamp * docs(#3792): update changelog.md * style(#3792): remove redundant quotes
wazuh · Mar 2, 2023 · 5d988ea · 5d988ea
1 parent 8ae6c9c
commit 5d988ea
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -9,6 +9,7 @@ Release report: TBD
 
 ### Added
 
+- Add Logcollector millisecond granularity support test case ([#3910](https://github.com/wazuh/wazuh-qa/pull/3910)) \- (Tests)
 - Add Windows System folders FIM monitoring tests ([#3720](https://github.com/wazuh/wazuh-qa/pull/3720)) \- (Tests)
 - Add 'test_whodata_policy_changes' tests ([#3627](https://github.com/wazuh/wazuh-qa/pull/3627)) \- (Framework + Tests)
 - Add test to check if active-response netsh generates alerts when firewall is disabled. ([#3787](https://github.com/wazuh/wazuh-qa/pull/3787)) \- (Framework + Tests)

diff --git a/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml b/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml
@@ -108,3 +108,15 @@
         "Mär 02 17:30:52 linux-agent sshd[29205]: Invalid user blimey from
         18.18.18.18 port 48928", "token": "21218e6b"}}
       output: '{"program_name":"sshd","timestamp":"Mär 02 17:30:5"}'
+
+-
+  name: Syslog syslog-ng OSE date format
+  description: Check valid input
+  test_case:
+    - input: >-
+        {"version": 1, "origin": {"name": "wazuh-logtest", "module":
+        "wazuh-logtest"}, "command": "log_processing", "parameters":
+        {"location":"master->/var/log/syslog", "log_format": "syslog", "event":
+        "2022-12-20T15:02:53.123+00:00 localhost sshd[25474]: Accepted password for
+        rromero from 192.168.1.133 port 49765 ssh2", "token": "21218e6b"}}
+      output: '{"program_name":"sshd","timestamp":"2022-12-20T15:02:53.123+00:00"}'