test(parser): add noisy auth fixture matrix by stacknil · Pull Request #58 · stacknil/LogLens

stacknil · 2026-06-14T11:41:44Z

Summary

add a sanitized noisy syslog auth sample with malformed timestamps, unsupported sshd lines, partial PAM lines, sudo denial variants, blank/irrelevant lines, mixed hostnames, and unusual synthetic usernames
add a locked parser-matrix expected JSON for parser quality fields and warning visibility
add parser/report tests proving parsed/unparsed counts, stable top_unknown_patterns, report.json parse_success_rate, and zero findings from unsupported lines
document how reviewers should read noisy parser coverage in docs/parser-coverage-notes.md

cmake --build build --config Debug --target test_parser
cmake --build build --config Debug --target test_report
ctest --test-dir build -C Debug -R "parser|report" --output-on-failure
cmake --build build --config Debug
ctest --test-dir build -C Debug --output-on-failure
loglens --mode syslog --year 2026 assets/noisy_auth_sample.log build/noisy_auth_report_check
git diff --check main...HEAD
diff scans for local paths, secret assignment patterns, private-key markers, and non-documentation IP addresses

Fixture data uses synthetic hostnames/usernames and 203.0.113.x documentation addresses.
Unsupported lines remain parser warnings/telemetry and do not become detector findings.
No parser behavior or detector mapping changes.

test(parser): add noisy auth fixture matrix

fa5822e

stacknil force-pushed the stacknil/loglens-noisy-auth-fixture-matrix branch from c73901f to fa5822e Compare June 14, 2026 11:45

stacknil merged commit c4c4e82 into main Jun 14, 2026
7 checks passed

stacknil deleted the stacknil/loglens-noisy-auth-fixture-matrix branch June 14, 2026 11:49