From 5eb1d150edba0ef4872fb9217621139eaf0d45ed Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk <rfaircloth@splunk.com>
Date: Fri, 13 Mar 2020 16:09:42 -0400
Subject: [PATCH 1/3] All numeric host under certain option conditions

---
 package/etc/conf.d/filters/cisco/cisco_syslog.conf | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/etc/conf.d/filters/cisco/cisco_syslog.conf b/package/etc/conf.d/filters/cisco/cisco_syslog.conf
index 1f2d7a2..3d873b3 100644
--- a/package/etc/conf.d/filters/cisco/cisco_syslog.conf
+++ b/package/etc/conf.d/filters/cisco/cisco_syslog.conf
@@ -41,12 +41,12 @@ parser cisco-parser-ex{
             set(
                 "${4}",
                 value("HOST")                
-                condition(match('..' value('4')))
+                condition(not match('^\d+$', value('4')) and match('^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' value('4')))
             );            
             set(
                 "${13}",
                 value("HOST")                
-                condition(match('..' value('13')))
+                condition(not match('^\d+$', value('13')) and match('^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])$|^(([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9\-]*[a-zA-Z0-9])\.)*([A-Za-z0-9]|[A-Za-z0-9][A-Za-z0-9\-]*[A-Za-z0-9])$' value('13')))
             );                        
             set(        
                 "${15}",

From 92eaf86303f109a14a6dd44f5eb6c16ae0ad22a2 Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk <rfaircloth@splunk.com>
Date: Mon, 23 Mar 2020 20:08:08 -0400
Subject: [PATCH 2/3] Update config.yml

---
 .circleci/config.yml | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index c95a1bd..c5f7e4a 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -243,21 +243,21 @@ workflows:
   build_test:
     jobs:
       - test-sc4s-3-25-1-splunk-8-0:
-          filters:
-            branches:
-              only: /.*/
+#          filters:
+#            branches:
+#              only: /.*/
       - test-sc4s-master-splunk-8-0:
-          filters:
-            branches:
-              only: /.*/
+#          filters:
+#            branches:
+#              only: /.*/
       - test-sc4s-3-25-1-splunk-7-3:
-          filters:
-            branches:
-              only: /.*/
+ #         filters:
+ #           branches:
+ #             only: /.*/
       - test-sc4s-3-25-1-splunk-7-2:
-          filters:
-            branches:
-              only: /.*/
+ #         filters:
+ #           branches:
+ #             only: /.*/
       - approval-tag-alpha:
           type: approval
           filters:

From ff1d043b879d0fee424079e2b68f2bf046feda3b Mon Sep 17 00:00:00 2001
From: rfaircloth-splunk <rfaircloth@splunk.com>
Date: Mon, 23 Mar 2020 20:09:14 -0400
Subject: [PATCH 3/3] Update config.yml

---
 .circleci/config.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/.circleci/config.yml b/.circleci/config.yml
index c5f7e4a..aad5ff8 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -242,19 +242,19 @@ workflows:
   version: 2
   build_test:
     jobs:
-      - test-sc4s-3-25-1-splunk-8-0:
+      - test-sc4s-3-25-1-splunk-8-0
 #          filters:
 #            branches:
 #              only: /.*/
-      - test-sc4s-master-splunk-8-0:
+      - test-sc4s-master-splunk-8-0
 #          filters:
 #            branches:
 #              only: /.*/
-      - test-sc4s-3-25-1-splunk-7-3:
+      - test-sc4s-3-25-1-splunk-7-3
  #         filters:
  #           branches:
  #             only: /.*/
-      - test-sc4s-3-25-1-splunk-7-2:
+      - test-sc4s-3-25-1-splunk-7-2
  #         filters:
  #           branches:
  #             only: /.*/