Cleanup of debug cruft in tests

* Clean tests to remvoe debug statements
CSVD · Mar 8, 2020 · 6c25e80 · 6c25e80
1 parent 2ed9aab
commit 6c25e80
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 9 deletions.
diff --git a/package/etc/conf.d/filters/cisco/ucm.conf b/package/etc/conf.d/filters/cisco/ucm.conf
@@ -21,8 +21,8 @@ parser p_cisco_ucm_date {
         if {
             parser {
                 date-parser(format(
-                    '%b %d %Y %l:%M:%S %p.%f',
-                    '%b %d %H:%M:%S.%f'
+                    '%b %d %H:%M:%S.%f',
+                    '%b %d %Y %I:%M:%S %p.%f'
                     )
                     template("$3")
                     flags(guess-timezone)

diff --git a/package/etc/conf.d/log_paths/lp-cisco_ucm.conf.tmpl b/package/etc/conf.d/log_paths/lp-cisco_ucm.conf.tmpl
@@ -44,7 +44,6 @@ log {
 
     rewrite {
         set("cisco_ucm", value("fields.sc4s_vendor_product"));
-        set("$S_UNIXTIME.$S_MSEC", value("fields.sc4s_time"));
         r_set_splunk_dest_default(sourcetype("cisco:ucm"), index("main"))
     };
     parser {p_add_context_splunk(key("cisco_ucm")); };

diff --git a/tests/test_cisco_ise.py b/tests/test_cisco_ise.py
@@ -49,7 +49,7 @@ def test_cisco_ise_multi(record_property, setup_wordlist, setup_splunk, setup_sc
     message = mt.render(mark="<111>", bsd=bsd, host=host, date=date, time=time, tzoffset=tzoffset)
     sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
 
-    st = env.from_string("search _time={{ epoch }} index=netauth host=\"{{ host }}\" sourcetype=\"cisco:ise:syslog\"")
+    st = env.from_string("search _time={{ epoch }} index=netauth host=\"{{ host }}\" sourcetype=\"cisco:ise:syslog\" LicenseTypes=1")
     search = st.render(epoch=epoch, host=host)
 
     resultCount, eventCount = splunk_single(setup_splunk, search)

diff --git a/tests/test_cisco_ucm.py b/tests/test_cisco_ucm.py
@@ -31,7 +31,7 @@ def test_cisco_ucm_nohost_auditlog(record_property, setup_wordlist, setup_splunk
 
     mt = env.from_string(
         "{{ mark }}8103: {{ ucm_time }} {{ tzname }} : %UC_AUDITLOG-5-AdministrativeEvent: %[ UserID =administrator][ ClientAddress =192.168.1.1][ Severity =5][ EventType =GeneralConfigurationUpdate][ ResourceAccessed=CUCMAdmin][ EventStatus =Success][ CompulsoryEvent =No][ AuditCategory =AdministrativeEvent][ ComponentID =Cisco CUCM Administration][ AuditDetails =record in table device, with key field name = SEP0000311107A5 deleted][App ID=Cisco Tomcat][Cluster ID=][Node ID={{ host }}]: Audit Event is generated by this application\n")
-    message = mt.render(mark="<189>", tzname=tzname, ucm_time=ucm_time, host=host, epoch=epoch)
+    message = mt.render(mark="<189>", tzname=tzname, ucm_time=ucm_time, host=host)
     sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
 
     st = env.from_string(
@@ -60,8 +60,8 @@ def test_cisco_ucm_nohost_rtmt(record_property, setup_wordlist, setup_splunk, se
     epoch = epoch[:-3]
 
     mt = env.from_string(
-        "{{ mark }}17: {{ ucm_time }} {{ tzname }} : %UC_AUDITLOG-5-AdministrativeEvent: %[ UserID =administrator][ ClientAddress =10.1.1.1][ Severity =5][ EventType =GeneralConfigurationUpdate][ ResourceAccessed=CUCMAdmin][ EventStatus =Success][ CompulsoryEvent =No][ AuditCategory =AdministrativeEvent][ ComponentID =Cisco CUCM Administration][ AuditDetails =record in table device, with key field name = SEP0000311107A5 deleted][App ID=Cisco Tomcat][Cluster ID=][Node ID={{ host }}]: Audit Event is generated by this application {{ ucm_time }} {{ epoch }}\n")
-    message = mt.render(mark="<189>", ucm_time=ucm_time, tzname=tzname, host=host, epoch=epoch)
+        "{{ mark }}17: {{ ucm_time }} {{ tzname }} : %UC_AUDITLOG-5-AdministrativeEvent: %[ UserID =administrator][ ClientAddress =10.1.1.1][ Severity =5][ EventType =GeneralConfigurationUpdate][ ResourceAccessed=CUCMAdmin][ EventStatus =Success][ CompulsoryEvent =No][ AuditCategory =AdministrativeEvent][ ComponentID =Cisco CUCM Administration][ AuditDetails =record in table device, with key field name = SEP0000311107A5 deleted][App ID=Cisco Tomcat][Cluster ID=][Node ID={{ host }}]: Audit Event is generated by this application\n")
+    message = mt.render(mark="<189>", ucm_time=ucm_time, tzname=tzname, host=host)
     sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
 
     st = env.from_string(
@@ -122,8 +122,8 @@ def test_cisco_ucm_nohost_alert(record_property, setup_wordlist, setup_splunk, s
     epoch = epoch[:-3]
 
     mt = env.from_string(
-        "{{ mark }}17: {{ ucm_time }} {{ tzname }} : %CCM_RTMT-RTMT-2-RTMT-ERROR-ALERT: RTMT Alert Name:SyslogSeverityMatchFound Detail: At Tue Apr 21 14:01:35 CDT 2009 on node {{ host }}, the following SyslogSeverityMatchFound events generated: SeverityMatch - Critical ntpRunningStatus.sh: NTP server 10.12.254.33 is inactive. Verify the network to this server, that it is a NTPv4 server and is operational. SeverityMatch - Alert sshd(pam_unix)[20038]: check pass; user unknown App ID:Cisco AMC Service Cluster ID: Node ID:{{host}} {{ ucm_time }} {{ epoch }}\n")
-    message = mt.render(mark="<189>", epoch=epoch, ucm_time=ucm_time, host=host)
+        "{{ mark }}17: {{ ucm_time }} {{ tzname }} : %CCM_RTMT-RTMT-2-RTMT-ERROR-ALERT: RTMT Alert Name:SyslogSeverityMatchFound Detail: At Tue Apr 21 14:01:35 CDT 2009 on node {{ host }}, the following SyslogSeverityMatchFound events generated: SeverityMatch - Critical ntpRunningStatus.sh: NTP server 10.12.254.33 is inactive. Verify the network to this server, that it is a NTPv4 server and is operational. SeverityMatch - Alert sshd(pam_unix)[20038]: check pass; user unknown App ID:Cisco AMC Service Cluster ID: Node ID:{{host}}\n")
+    message = mt.render(mark="<189>", ucm_time=ucm_time, host=host)
     sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
 
     st = env.from_string(