You can make a field (and related whitespace) option by surrounding them with ()?, which means zero-or-more-of.
grok { match => { "message" => "%{MONTHNUM:month}\/%{MONTHDAY:day}-%{HOUR:hour}:%{MINUTE:minute}:%{SECOND:second}\s+\[\*\*\] \[%{INT:ids_gid}:%{INT:ids_sid}:%{INT:ids_rev}\]\s+%{DATA:ids_proto}\s+\[\*\*\] (\[.*?: %{DATA:Classification}\] )?\[.*?: %{INT:Priority}\] \{%{DATA:data}} %{IP:dst_ip} .*?> %{IP:dest_port}" } }
If there are more variants then you might want to take an alternate approach. Perhaps something like this.