Hello,
I was fiddling around with Elastic Agent and Fleet to integrate multiple log sources in the same agent, and I am getting a "Provided Grok expressions do not match field value" error with the Fortinet integration.
Using Filebeat, I was able to "bypass" this error by modifying the Grok pattern to match my logs' format, but when I try to adapt the Elastic Agent ingest pipelines the same way, it does not work. I tried modifying them manually from Kibana and from Elastic Agent's data folder, but neither worked.
So my question is: is there a way to modify the Grok patterns used in Fleet integrations, or should I stick to Filebeat only?
Thank you in advance.