diff --git a/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py b/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py index c99a0367..676daeb5 100644 --- a/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py +++ b/pytest_splunk_addon/standard_lib/requirement_tests/test_generator.py @@ -97,7 +97,7 @@ def strip_syslog_header(self, raw_event): stripped_header = regex_rfc5424.group(3) return stripped_header regex_rfc3164 = re.search( - r"([A-Z][a-z][a-z]\s{1,2}\d{1,2}\s\d{2}[:]\d{2}[:]\d{2})\s+([\w][\w\d\.@-]*)\s(.*)$", + r"([A-Z][a-z][a-z]\s{1,2}\d{1,2}\s\d{2}[:]\d{2}[:]\d{2})\s+([\w][\w\d\.@-]*)\s\w*:?(.*)$", raw_event, ) if regex_rfc3164: diff --git a/tests/unit/tests_standard_lib/test_requirement_tests/test_test_generator.py b/tests/unit/tests_standard_lib/test_requirement_tests/test_test_generator.py index 14c11441..034b759f 100644 --- a/tests/unit/tests_standard_lib/test_requirement_tests/test_test_generator.py +++ b/tests/unit/tests_standard_lib/test_requirement_tests/test_test_generator.py @@ -106,7 +106,7 @@ def test_extract_params(): ["requirement.log"], [True], ["syslog"], - {"event": ["<34>Oct 11 22:14:15 machine1 event_1"]}, + {"event": ["<34>Oct 11 22:14:15 machine1 pr1:event_1"]}, [["model_1:dataset_1", "model_2:dataset_2"]], [{"field1": "value1", "field2": "value2"}, {"field3": "value3"}], [