#2022-02-23 06:12:50 ::1 GET / - 8090 - ::1 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/98.0.4758.102+Safari/537.36 CavVI=001102229792570212352;+TOPOFP=[TOPO:33333:StockTrader:WIN-06CPBA8DIL3:calc_4.6.1][FP:33333:4611751826307338517:0:4611751826307321107:1104072986140344320:1];+CavNV=4611751826307321107-33333-257062031056-1-9-0-2-5-3-5;+CavNVC=001104072986140344320-1-257062035-2;+CavSF=2,,1:2:100,1645596435703,0|,,,,1,,,1,,,, - 200 0 0 15657
x=rex(log.message,"^(?<timestamp>[\d\-\s]+\:\d+\:\d+)(.*)");
        doc.datttte = x[0];
date = parseDate(x[0],"yyyy-MM-dd HH:mm:ss");
doc.@timestamp = date.getDate("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
if(log.message.contains("FP:")){
x=rex(log.message,"^(?<timestamp>[\d\-\s]+\:\d+\:\d+)(.*)(\[TOPO:)([^\]]*)(\]\[FP:(?<fp>([\d]+)\:([\d]+)\:([\d]+)\:([\d]+)\:([\d]+)\:([\d]+)))([^\]]*)(.*)");
        doc.topo = x[3];
        doc.fp = x[5];
        doc.testrun = x[6];
        doc.fpi = x[7];
        doc.entryfpi = x[8];
        doc.ndsessionid = x[9];
        doc.nvsessionid = x[10];
        doc.pageid = x[11];
        doc.datttte = x[0];
date = parseDate(x[0],"yyyy-MM-dd HH:mm:ss");
doc.@timestamp = date.getDate("yyyy-MM-dd'T'HH:mm:ss.SSS'Z'");
}