Improved the cisco aci processor with the following changes:

1) simplified grok parsing
2) removed complex logic used to detected event and error messages
3) fixed broken parsing of the device hostname sending logs
4) tmp.rule does NOT rapresent an username , it's instead the even.reason as described by cisco, - The action or condition that caused the event, such as a component failure or a threshold crossing.


sample messages used for testing

```
<186>Dec 08 21:20:20.614 ABC-DCA-NPRD-ACILEF-104 %LOG_LOCAL7-2-SYSTEM_MSG [F0532][raised][interface-physical-down][critical][sys/phys-[eth1/47]/phys/fault-F0532] Port is down, reason being suspended(no LACP PDUs)(connected), used by EPG on node 104 of fabric ACI Fabric1 with hostname CLS-DCE-NPRD-ACILEF-10

<190>Nov 24 18:20:53.237 ABC-DCB-ACIAPC-003 %LOG_LOCAL7-6-SYSTEM_MSG [E4206143][transition][info][fwrepo/fw-aci-apic-dk9.5.2.6e] Firmware aci-apic-dk9.5.2.6e created
```

fixed mistake where error_message was used instead of [tmp][error_message]

Fault isn't a valid value for the field event.kind according to ECS - https://www.elastic.co/guide/en/ecs/8.5/ecs-allowed-values-event-kind.html

use "alert" instead of fault

don't save a field with no value. -SYSTEM_MS is always there and not providing any meaning information.

…switches/datacenter/aci/apic/sw/all/syslog/guide/b_ACI_System_Messages_Guide/m-aci-system-messages-reference.html . Json lookup table needs to be expanded

let's not forget lookup table

restore observer name clean up as that depends on the input pipeline not on ACI itself

full fault codes updated

use newer dictionary