From 5d988ea54c431ae6d4a09770184253fae4e08c02 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andr=C3=A9s=20Carmelo=20Micalizzi?=
Date: Tue, 14 Feb 2023 06:29:37 -0300
Subject: [PATCH] feat(#3792): add new timestamp case for pre-decoding tests

* feat(#3792): test case with milisecond timestamp
* docs(#3792): update changelog.md
* style(#3792): remove redundant quotes
---
 CHANGELOG.md | 1 +
 .../data/syslog_socket_input.yaml | 12 ++++++++++++
 2 files changed, 13 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index bc15566d43..3bbc92c99e 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ Release report: TBD
 
 ### Added
 
+- Add Logcollector millisecond granularity support test case ([#3910](https://github.com/wazuh/wazuh-qa/pull/3910)) \- (Tests)
 - Add Windows System folders FIM monitoring tests ([#3720](https://github.com/wazuh/wazuh-qa/pull/3720)) \- (Tests)
 - Add 'test_whodata_policy_changes' tests ([#3627](https://github.com/wazuh/wazuh-qa/pull/3627)) \- (Framework + Tests)
 - Add test to check if active-response netsh generates alerts when firewall is disabled. ([#3787](https://github.com/wazuh/wazuh-qa/pull/3787)) \- (Framework + Tests)
diff --git a/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml b/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml
index a03d427694..b44ba13608 100644
--- a/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml
+++ b/tests/integration/test_analysisd/test_predecoder_stage/data/syslog_socket_input.yaml
@@ -108,3 +108,15 @@ "Mär 02 17:30:52 linux-agent sshd[29205]: Invalid user blimey from 18.18.18.18 port 48928", "token": "21218e6b"}} output: '{"program_name":"sshd","timestamp":"Mär 02 17:30:5"}' + +- + name: Syslog syslog-ng OSE date format + description: Check valid input + test_case: + - input: >- + {"version": 1, "origin": {"name": "wazuh-logtest", "module": + "wazuh-logtest"}, "command": "log_processing", "parameters": + {"location":"master->/var/log/syslog", "log_format": "syslog", "event": + "2022-12-20T15:02:53.123+00:00 localhost sshd[25474]: Accepted password for + rromero from 192.168.1.133 port 49765 ssh2", "token": "21218e6b"}} + output: '{"program_name":"sshd","timestamp":"2022-12-20T15:02:53.123+00:00"}'
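Review bot: The added `test_case` pins a single ISO 8601 shape, a millisecond fraction with a `+00:00` offset, so the other forms a syslog-ng or rsyslog sender can produce (a `Z` suffix, a non-zero or negative offset, microsecond precision, no fraction) remain uncovered, assuming the predecoder is meant to accept them. That matters for detection: if the timestamp is not stripped, `program_name` is presumably not extracted and sshd authentication events would stop matching their decoders, which this test would not catch. I would add sibling entries under the same `test_case:` list for those variants, and make the description say what is checked, e.g. `description: ISO 8601 timestamp with milliseconds and UTC offset is pre-decoded whole`, instead of the generic `Check valid input`.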