Snapshot 95 demo-tenant parsers (incl. stormshield) + un-ignore parsers/

The original upstream gitignores parsers/* on the assumption that each tenant
has its own set. This fork commits a working snapshot so the Parser Test Runner
and Parser Coverage features are usable out of the box.

Stormshield parser exercises the new SDL key=value scanner, pattern references,
and JS-style unquoted format keys added to backend/routers/quality.py.

parsers/cisco_ise_logs-latest

@@ -0,0 +1,77 @@
+{
+  attributes: {
+    "dataSource.category": "security",
+    "dataSource.name": "Cisco ISE",
+    "dataSource.vendor": "Cisco",
+    "metadata.product.name": "Cisco Identity Services Engine",
+    "metadata.product.vendor_name": "Cisco",
+    "metadata.version": "1.0.0"
+  },
+  patterns: {
+    timestamp: "\\d{4}-\\d{2}-\\d{2}T\\d{2}:\\d{2}:\\d{2}(?:\\.\\d{3})?[+-]\\d{2}:\\d{2}|\\w{3}\\s+\\d{1,2}\\s+\\d{2}:\\d{2}:\\d{2}",
+    ipv4: "(?:\\d{1,3}\\.){3}\\d{1,3}",
+    macaddr: "([0-9a-fA-F]{2}[:-]){5}[0-9a-fA-F]{2}"
+  },
+  formats: [
+    {
+      attributes: {
+        class_uid: "3002",
+        category_uid: "3",
+        severity_id: "1",
+        class_name: "Authentication",
+        category_name: "Identity & Access Management",
+        "metadata.product.name": "Cisco Identity Services Engine",
+        "metadata.product.vendor_name": "Cisco",
+        "dataSource.category": "security",
+        "dataSource.name": "Cisco ISE",
+        "dataSource.vendor": "Cisco"
+      },
+      format: "$timestamp=timestamp$ $hostname$ CISE_System_Alarms $log_id$,$log_id2$,$severity$,$category$,$message$,$user$,$ip=ipv4$,$mac=macaddr$,$endpoint_id$,$auth_method$,$auth_protocol$"
+    },
+    {
+      attributes: {
+        class_uid: "3002",
+        category_uid: "3",
+        severity_id: "2",
+        class_name: "Authentication",
+        category_name: "Identity & Access Management",
+        "metadata.product.name": "Cisco Identity Services Engine",
+        "metadata.product.vendor_name": "Cisco",
+        "dataSource.category": "security",
+        "dataSource.name": "Cisco ISE",
+        "dataSource.vendor": "Cisco"
+      },
+      format: "$timestamp=timestamp$ $hostname$ CISE_Passed_Authentications $log_id$,$log_id2$,$severity$,$category$,User-Name=$user$,NAS-IP-Address=$nas_ip=ipv4$,Calling-Station-Id=$mac=macaddr$,Framed-IP-Address=$ip=ipv4$,Authentication passed"
+    },
+    {
+      attributes: {
+        class_uid: "3002",
+        category_uid: "3",
+        severity_id: "4",
+        class_name: "Authentication",
+        category_name: "Identity & Access Management",
+        "metadata.product.name": "Cisco Identity Services Engine",
+        "metadata.product.vendor_name": "Cisco",
+        "dataSource.category": "security",
+        "dataSource.name": "Cisco ISE",
+        "dataSource.vendor": "Cisco"
+      },
+      format: "$timestamp=timestamp$ $hostname$ CISE_Failed_Attempts $log_id$,$log_id2$,$severity$,$category$,User-Name=$user$,NAS-IP-Address=$nas_ip=ipv4$,Calling-Station-Id=$mac=macaddr$,Authentication failed,$failure_reason$"
+    },
+    {
+      attributes: {
+        class_uid: "3001",
+        category_uid: "3",
+        severity_id: "2",
+        class_name: "Account Change",
+        category_name: "Identity & Access Management",
+        "metadata.product.name": "Cisco Identity Services Engine",
+        "metadata.product.vendor_name": "Cisco",
+        "dataSource.category": "security",
+        "dataSource.name": "Cisco ISE",
+        "dataSource.vendor": "Cisco"
+      },
+      format: "$timestamp=timestamp$ $hostname$ CISE_Administrator $log_id$,$log_id2$,$severity$,$category$,Admin-Name=$admin_user$,Admin-Session-Id=$session_id$,Object-Name=$object_name$,Change-Type=$change_type$,Object-Type=$object_type$"
+    }
+  ]
+}