PFsense integration cannot parse OPNSense ISC DHCP logs properly

  - grok:
      field: message
      patterns:
        - '%{DATA:_tmp.action}/%{INTERFACE:observer.ingress.interface.name}/%{MAC_ADDRESS:server.mac}/%{NOTSPACE:pfsense.dhcp.subnet}'
        - '%{DATA:_tmp.action} %{IPV6:client.address}(/%{NUMBER})? on %{INTERFACE:observer.ingress.interface.name}'
        - '%{DATA:_tmp.action} (from|to) %{IPV6:client.address} port %{POSINT:client.port:long}(, transaction ID %{NOTSPACE:pfsense.dhcp.transaction_id})?'
        - '%{DATA:_tmp.action} for: %{IPV6:client.address}(, age %{POSINT:pfsense.dhcp.age:long} secs)?%{GREEDYDATA}'
        - '%{DATA:_tmp.action}: address %{IPV6:client.address} to client with duid %{DUID:pfsense.dhcp.duid} iaid = -%{NOTSPACE:pfsense.dhcp.iaid} valid for %{POSINT:pfsense.dhcp.lease_time:long} seconds'
        - '%{WORD:_tmp.action} %{MIDDLE} via %{INTERFACE:observer.ingress.interface.name}'
        - '%{DATA:_tmp.action} %{IPV6:client.address}'
        - '%{GREEDYDATA}'
      pattern_definitions:
        INTERFACE: '[a-z0-9_\.]+'
        MAC_ADDRESS: '([0-9A-Fa-f]{2}[:-]){5}([0-9A-Fa-f]{2})'
        FROM: 'from %{MAC_ADDRESS:client.mac}'
        ON: 'on %{IP:client.address} to %{MAC_ADDRESS:client.mac}(?: \(%{HOSTNAME:pfsense.dhcp.hostname}\))?'
        FOR: 'for %{IP:client.address}(?: \(%{IP:server.address}\))? from %{MAC_ADDRESS:client.mac}(?: \(%{HOSTNAME:pfsense.dhcp.hostname}\))?'
        MIDDLE: '(?:%{FROM}|%{ON}|%{FOR})'
        DUID: '(?i)[0-9a-f]{2}(:[0-9a-f]{2})+'