If a pattern is matched several times within an event, is there a way to take into account only the first match. After doing some testing after my issue in this post here Grok filter behaviour different for some messages
I found that only the last match is included in the result, is there a way to reference the index of the matches somehow or change this default behaviour?
Thanks