Minor Fixes in the plugin.

pytest_splunk_addon/standard_lib/index_tests/test_templates.py

@@ -185,11 +185,7 @@ def test_indextime_time(
         if splunk_indextime_time.get("identifier"):
             extra_filter = splunk_indextime_time.get("identifier")
         else:
-            extra_filter = (
-                "(host="
-                + " OR host=".join(splunk_indextime_time.get("hosts"))
-                + ")"
-            )
+            extra_filter = "host IN (\""+"\",\"".join(set(splunk_indextime_time.get("hosts")))+"\")"
 
         if splunk_indextime_time["tokenized_event"].time_values:
             extra_filter += " | eval e_time=_time"
@@ -208,7 +204,8 @@ def test_indextime_time(
             retries=splunk_search_util.search_retry,
         )
         results = list(results)
-
+        if not results:
+            assert False, "No Events found for query: " + search
         result_fields = {
             key: [ceil(float(item[key])) for item in results]
             for key in results[0].keys()
@@ -276,4 +273,4 @@ def test_indextime_line_breaker(
 
         assert (
             count_from_results == expected_events_count
-        ), f"Expected count: {expected_events_count} Actual Count: {count_from_results}"
+        ), f"Query: {query} \nExpected count: {expected_events_count} Actual Count: {count_from_results}"

pytest_splunk_addon/standard_lib/sample_generation/sample_event.py

@@ -12,6 +12,7 @@
 src_ipv6, dest_ipv6 = 0, 0
 host_count, fqdn_count = 0,0
 url_ip_count = 0
+host_ipv4_octet_count, dvc_ipv4_octet_count = 0, 0
 
 ip_rules = {
         "src":{
@@ -107,13 +108,17 @@ def get_ipv4(self, rule):
             addr = [int(src_ipv4 / 256) % 256, src_ipv4 % 256]
             return "".join([ip_rules.get(rule)["ipv4"], str(addr[0]), ".", str(addr[1])])
         elif rule == "host":
-            global host_ipv4
+            global host_ipv4, host_ipv4_octet_count
             host_ipv4 += 1
-            return "".join([ip_rules.get(rule)["ipv4"], str(host_ipv4 % 101), ".0"])
+            if host_ipv4 == 101:
+                host_ipv4 = 51
+            host_ipv4_octet_count += 1
+            return "".join([ip_rules.get(rule)["ipv4"], str(host_ipv4 % 101), ".", str(host_ipv4_octet_count % 256)])
         elif rule == "dvc":
-            global dvc_ipv4
+            global dvc_ipv4, dvc_ipv4_octet_count
             dvc_ipv4 += 1
-            return "".join([ip_rules.get(rule)["ipv4"], str(dvc_ipv4 % 51), ".0"])
+            dvc_ipv4_octet_count += 1
+            return "".join([ip_rules.get(rule)["ipv4"], str(dvc_ipv4 % 51), ".", str(dvc_ipv4_octet_count % 256)])
         elif rule == "dest":
             global dest_ipv4
             dest_ipv4 += 1