diff --git a/tasks/section_4/cis_4.2.1.x.yml b/tasks/section_4/cis_4.2.1.x.yml
index e34f677..b1a20a9 100644
--- a/tasks/section_4/cis_4.2.1.x.yml
+++ b/tasks/section_4/cis_4.2.1.x.yml
@@ -190,11 +190,11 @@
             regexp: '{{ item }}'
             replace: '#\1'
         notify: restart rsyslog
-        with_items:
-            - '^\$ModLoad imtcp'
-            - '^\$InputTCPServerRun'
-            - '^module\(load="imtcp"\)'
-            - '^input\(type="imtcp" port=.*\)'
+        loop:
+            - '^(\$ModLoad imtcp)'
+            - '^(\$InputTCPServerRun)'
+            - '^(module\(load="imtcp"\))'
+            - '^(input\(type="imtcp")'
         when: not rhel9cis_system_is_log_server
 
       - name: "4.2.1.7 | PATCH | Ensure rsyslog is not configured to recieve logs from a remote clients. | When log host"
@@ -203,11 +203,11 @@
             regexp: '^#(.*{{ item }}.*)'
             replace: '\1'
         notify: restart rsyslog
-        with_items:
+        loop:
             - 'ModLoad imtcp'
             - 'InputTCPServerRun'
             - 'module\(load="imtcp"\)'
-            - 'input\(type="imtcp" port=".*")'
+            - 'input\(type="imtcp"'
         when: rhel9cis_system_is_log_server
   when:
       - rhel9cis_rule_4_2_1_7