Multiple grok and multiple match option in one grok

does any one know what is the difference with multiple grok or multiple match option in one grok?

if I have a log file has different pattern for each line and for same field the pattern need to be different, for such case which one should I use?

for example below are the lines in my log file:
line1:
2015-07-09 08:28:52,546 INFO ERROR TELFAP3200SFCSrv- messrv123 10.193.91.67 - 18346 2015-07-09 08:28:52.545
line2:
2015-07-09 08:28:52,555 INFO LOOKUP TELFAP3200SFCSrv 10.193.91.67 52580 18346 2015-07-09 08:28:52.555 2015-07-09 08:28:52.553 messrv123 2015-07-09 05:26:42.578
line3:
2015-07-09 08:28:53,208 INFO LOOKUPFAIL WDNSAH4400SFCSrv 10.193.90.105 43122 13184 2015-07-09 08:28:53.208 2015-07-09 08:28:53.207 ashl.MSGADAPTER130 2015-07-08 22:51:38.820

below grok filer can get line2 and line3 match EXCEPT line1cos line1 has a different pattern compared to the rest of lines. for this case, shall I add a separate grok or one more match in same grok??

grok {
match => ["messsage", "^(?%{YEAR}-%{MONTHNUM}-%{MONTHDAY}\s%{TIME})\sINFO\s+%{WORD:Action}\s+(?\S+)\s%{IPV4:RequestorHostIP}\s%{BASE10NUM:TCPPort}\s%{BASE10NUM:UDPPort}\s(?%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME})\s?(?\s+)?\s?(?\S+)?\s?(?\S+)?\s?(?\S+)?(?%{YEAR}-%{MONTHNUM}-%{MONTHDAY} %{TIME})?"]

}

Use one grok filter in this case. The difference between the two is that if you use a single grok filter it'll stop once it gets a match, while with more than one filter it'll try them all and probably add a _grokparsefailure tag (unless all expressions match, which is unlikely).