unable to parse:-
8.8.8.8 - abc.def@example.com [28/Jan/2016:06:19:22 -0600] "PROPFIND /sssssss/ssssssss.php/ssssssss/ HTTP/1.1" 207 290 "-" "Mozilla/5.0 (Macintosh) mirall/1.8.1"
but if we remove @ from abc.def@example.com it works.
This is addressed in PR #106 which is still open. With a sufficiently new logstash-patterns-core (2.0.0 or later) you can just copy the new definition of COMBINEDAPACHELOG into your grok filter (or put it in a separate patterns file under a new name).
Thank you for your guidance .