I have also had some parsing issues with the sonicwall module that is being pushed from the integration using fleet management. I was getting a dissect error message with every log message. I ended up starting to work on my own filbeat module since I'm hoping that we can move all of our sonicwall deployments to elastic. It works on the firewall that I have been testing on with firmware version 18.104.22.168. My first time contributing to beats and the documentation I have seen goes with the current method of creating filbeat modules vs. the new integration methods. -- at least I don't see any references to the integration fleet methods. Still plan on creating the pull request in the next day or two. I modeled mine after the Fortinet firewall integration module which works well for Fortigates and it seems much simpler than the current SonicWall one. I haven't seen any other posts indicating that someone is working on the sonicwall module so hopefully mine will be helpful
I was able to validate the logs that I collect from a lab sonicwall I have using the integration updates I made. I submitted the PR today. My first time submitting so there might be issues but hopefully anything that comes up I can work through.