can someone guide me to create a Multi-line Pattern for the below windows events with event ID and need to parse my log data
Event[0]:
Log Name: Application
Source: Desktop Window Manager
Date: 2020-05-29T16:53:12.000
Event ID: 9009
Task: N/A
Level: Information
Opcode: N/A
Keyword: Classic
User: N/A
User Name: N/A
Computer:
Description:
The Desktop Window Manager has exited with code (0xd00002fe)
this is my file pattern
file {
type => "logs"
path => "D:/logs/syslogs_*.txt"
codec => multiline {
pattern => "^%{TIMESTAMP_ISO8601}"
}
}