def test_match(self): rule = idstools.rule.parse(self.rule_string, "rules/trojan.rules") matcher = rulecat.parse_rule_match("trojan.rules") self.assertEquals( matcher.__class__, idstools.scripts.rulecat.FilenameMatcher) self.assertTrue(matcher.match(rule))
def test_match(self): rule = idstools.rule.parse(self.rule_string, "rules/trojan.rules") matcher = rulecat.parse_rule_match("trojan.rules") self.assertEqual(matcher.__class__, idstools.scripts.rulecat.FilenameMatcher) self.assertTrue(matcher.match(rule))
def test_match(self): rule = idstools.rule.parse(self.rule_string, "rules/malware.rules") matcher = rulecat.parse_rule_match("group: */malware.rules") self.assertEquals( matcher.__class__, idstools.scripts.rulecat.GroupMatcher) self.assertTrue(matcher.match(rule))
def test_match(self): rule = idstools.rule.parse(self.rule_string, "rules/malware.rules") matcher = rulecat.parse_rule_match("group: */malware.rules") self.assertEqual(matcher.__class__, idstools.scripts.rulecat.GroupMatcher) self.assertTrue(matcher.match(rule))