I'm applying a grok filter followed by a kv successfully on a log entry that looks like this:
"Mylog[something=1;somethingelse=NA;another=19163;exception@3257ms=3;total=3258ms;]"
Everything works well for the correctly constructed key=value pairs, but the numeric portion of the 'exception@3257ms=3' entry is dynamic and I end up with many fields named exception@3257, exception@1234, etc.
I want to further parse the field name 'exception@1234' into key = exception value= 1234, is this possible?