Minor fixup to Cisco ACS single message search

* Remove "| head 11" from ACS single message search
CSVD · Feb 21, 2020 · b225374 · b225374
1 parent acb87bd
commit b225374
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/tests/test_cisco_acs.py b/tests/test_cisco_acs.py
@@ -60,7 +60,7 @@ def test_cisco_acs_single(record_property, setup_wordlist, setup_splunk, setup_s
 
     sendsingle(message, setup_sc4s[0], setup_sc4s[1][514])
 
-    st = env.from_string("search _time={{ epoch }} index=netauth host=\"{{ host }}\" sourcetype=\"cisco:acs\" | head 11")
+    st = env.from_string("search _time={{ epoch }} index=netauth host=\"{{ host }}\" sourcetype=\"cisco:acs\"")
     search = st.render(host=host, epoch=epoch)
 
     resultCount, eventCount = splunk_single(setup_splunk, search)