#!/bin/sh
# Author: Sascha Steinbiss <satta@debian.org>
set -e

ORIGDIR=$(pwd)
DATADIR=$ORIGDIR/debian/tests/
WORKDIR=$(mktemp -d)

trap "rm -rf $WORKDIR" 0 INT QUIT ABRT PIPE TERM
cd $WORKDIR

systemctl start vast || journalctl -u vast
sleep 5

# check if VAST executable works
vast version

# check if VAST server can be connected to
vast status

# import/export and check if data is returned
vast --verbosity=debug import suricata < $DATADIR/eve.json
vast --verbosity=debug export json 'event_type == "dns" && :timestamp < 2017-01-01' > out.json
grep event_type out.json

# show log file
tail /var/log/vast/server.log

systemctl stop vast
