Support comments in logstash-filter-verifier test config files

[infosecdr]

Not an issue, but a request...

As noted in the known limitations, JSON has a number of readability and writability limitations for humans. The one that's causing my team the most trouble currently is lack of support for comments as we want to add notes about each test input (such as the cases it covers and a description of expected behavior) and above each group of test inputs.

We don't really case if the solution is to support YAML-base test files or somehow supporting comments with the JSON, but supporting comments would be really nice.

Haven't tried it out, but JSON5 ( https://json5.org/ ) might be a good solution. A group of people extended JSON for human-friendliness, including support for C++ style comments and have provided tools/libraries including one to down-convert.

[matejzero]

You can use ‘description’ key if you are using testcases array. More info on https://github.com/magnusbaeck/logstash-filter-verifier/blob/master/README.md#test-case-file-reference

Also look at issues for example by breml.

[matejzero]

Snippet:

  "testcases": [
    {
      "description": "SSHD test",
      "input": [
        "Jun  1 01:02:03 testhost sshd[12345]: Accepted publickey for root from 1.2.3.10 port 12345 ssh2: RSA eb:23:64"
      ],
      "expected": [
        {
          "@timestamp": "2018-06-01T01:02:03.000Z",
          "timestamp": "Jun  1 01:02:03",
          "host": "testhost",
          "program": "sshd",
          "type": "sshd",
          "message": "Accepted publickey for root from 1.2.3.10 port 12345 ssh2: RSA eb:23:64",
          "tags": [
            "_grok_syslog_prefilter_success",
            "save_to_logfile",
            "_grok_sshd_nomatch",
            "_geoip_lookup_failure"
          ]
        }
      ]
    },

[magnusbaeck]

I think the description key and the newly merged YAML support (PR #70) is good enough, making support for JSON comments superfluous.