updating raw log (#3756)

Author: patel-bhavin

data_sources/vmware_esxi_syslog.yml

@@ -1,7 +1,7 @@
 name: VMWare ESXi Syslog
 id: f91c5ad1-2a44-4be3-93df-43150fa243e5
-version: 1
-date: '2025-05-08'
+version: 2
+date: '2025-11-04'
 author: Raven Tait, Splunk
 description: Data source object for syslog data from VMWare ESXi
 source: vmware:esxlog
@@ -14,19 +14,8 @@ fields:
 - _time
 - host
 - Message
-example_log: '{"preview":false,"lastrow":true,"result":{"Application":"May","Message":
-  "54:23 192.168.8.233 2025-05-08T17:52:34.409Z localhost.lan Hostd[263196]: [Originator@6876
-  sub=Vimsvc.ha-eventmgr opID=esxui-6983-6230 sid=52eb1a76] Event 854 : User root@192.168.196.95
-  logged in as Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36
-  (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36","_raw":"May  8 17:54:23 192.168.8.233
-  2025-05-08T17:52:34.409Z localhost.lan Hostd[263196]: [Originator@6876 sub=Vimsvc.ha-eventmgr
-  opID=esxui-6983-6230 sid=52eb1a76] Event 854 : User root@192.168.196.95 logged in
-  as Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like
-  Gecko) Chrome/135.0.0.0 Safari/537.36","_time": "2025-05-08T17:52:34.409+0000","date_hour":"17","date_mday":"8","date_minute":"52","date_month":
-  "may","date_second":"34","date_wday":"thursday","date_year":"2025","date_zone":"0","host":
-  "192.168.8.233","index":"vmware-esxilog","linecount":"1","opID":"esxui-6983-6230","punct":
-  "___::_..._--::._._[]:_[@_=.-_=--_=]___:__@...____/","sid":"52eb1a76","source":
-  "vmware:esxlog:source::udp:514","sourcetype":"vmw-syslog","splunk_server":"splunk",
-  "sub":"Vimsvc.ha-eventmgr","timeendpos":"54","timestartpos":"30"}}'
+example_log: |
+  Jul  1 14:30:23 192.168.8.233 2025-07-01T14:29:11.508Z localhost.localdomain shell[1627100]: [root]: esxcli system auditrecords local set
+  Jul  1 14:30:21 192.168.8.233 2025-07-01T14:29:09.506Z localhost.localdomain shell[1627100]: [root]: esxcli system auditrecords local delete
 output_fields:
 - dest