component:
  - audit
  - rsyslog
framework: beakerlib
require:
  - library(audit/testing)
contact:
  - Ondrej Moris <omoris@redhat.com>
description: |+
    Test for syslog facility selection for audispd syslog plugin.

    Added ability for audispd syslog plugin to choose facility local0-7
    For the new feature allowing audisp-syslog plugin copy events to  facility
    local0-7, you would edit  /etc/audisp/plugins.d/syslog.conf so  that its
    active. You would also add a second option to the args line for  whichever
    facility you intended. You also might want to edit rsyslog's  configuration
    to put anything logged with the local facility into a  specific file for ease
    of testing. Then restart the audit daemon and  then look in the file rsyslog
    is sending it to.

duration: 15m
enabled: true
extra-nitrate: TC#0087192
extra-summary: /CoreOS/audit/Sanity/audisp-syslog-plugin
extra-task: /CoreOS/audit/Sanity/audisp-syslog-plugin
link:
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=1241634
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=1002660
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=1919878
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=667536
  - relates: https://bugzilla.redhat.com/show_bug.cgi?id=1497279
recommend:
  - audit
  - audispd-plugins
  - rsyslog
summary: Sanity of syslog audisp plugin
tag:
  - CI-Tier-1
  - TIPpass
  - TIPpass_Security
  - Tier1
  - Tier1security
test: ./runtest.sh
tier: '1'
name: /Sanity/audisp-syslog-plugin
order: 50
id:
path: /Sanity/audisp-syslog-plugin
manual: false
tty: false
environment: {}
result: respect
where:
check: []
restart-on-exit-code: []
restart-max-count: 1
restart-with-reboot: false
sources:
  - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_audit_tests/tests/main.fmf
  - /var/tmp/tmt/run-017/Plans/general/discover/Downstream_audit_tests/tests/Sanity/audisp-syslog-plugin/main.fmf
context: {}