How to write multiline codec for python stacktrace

below is how my log is captured

[2021-09-17 14:24:16,527] [ERROR] [app][MainThread] [5d9b63a9-dc4d-4756-af87-eba4fb275584] [log_exception:1440] : Exception on /download_request_data [GET]
Traceback (most recent call last):
  File "xxxxladjfalkjdlakjdflkajf\alkajdjlkajflka\venv\lib\site-packages\flask\app.py", line 2051, in wsgi_app
    response = self.full_dispatch_request()
  File "xxxxladjfalkjdlakjdflkajf\alkajdjlkajflka\venv\lib\site-packages\flask\app.py", line 1501, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "xxxxladjfalkjdlakjdflkajf\alkajdjlkajflka\venv\lib\site-packages\flask\app.py", line 1499, in full_dispatch_request
    rv = self.dispatch_request()
  File "xxxxladjfalkjdlakjdflkajf\alkajdjlkajflka\venv\lib\site-packages\flask\app.py", line 1485, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "xxxxladjfalkjdlakjdflkajf\alkajdjlkajflka\.\app.py", line 351, in download_request_data
    zip_file.writestr(file)
TypeError: writestr() missing 1 required positional argument: 'data'

i want the first line and rest of the lines have trace info - part of one message or event.

If your multiline messages always start with a square bracket and a date then you could try

codec => multiline { pattern => "^\[\d{4}" negate => true what => previous auto_flush_interval => 1 }

It worked ..thanks a ton for the quick response.. One last thing. I'm new to this elk stack. Any good resources/books - to understand to write grok patterns/regex.. if you can provide me the resources that will be really helpfulll..

Currently i'm going through a lot of blogs/articles. One Book/video tutorial that can help me get my fundamentals right, that will be really great.