“processors” : [ { “grok”: { “field”: “log”, “patterns”: [“%{TIME_STAMP:ts} %{GREEDYDATA:logtail}”], “pattern_definitions” : { “TIME_STAMP” : “%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME}” }, “ignore_failure” : true, “ignore_missing” : true } }, { “kv” : { “field”: “logtail”, “field_split”: “\s(?![^=]+?(\s|$))”, “value_split”: “=”, “ignore_failure” : true } }, { “remove” : { “field”: “logtail”, “ignore_failure” : true } }, { “date” […]