Support multiple matches in regex() function

[joschi]

The regex() function only returned a single match (similar to the Regex Extractor), while some users require it to return all matches.

Fixes #173 Closes #174

[hc4]

Looks like this PR broke multi-group matching. E.g. let result = regex("(a)(b)(c)", "abcabc"); There will be 2 matches with 3 groups in each. How to access them?

Moreover - this PR broke current regex behaviour, because currently indexer of regex result returns groups of first match, but after this PR it will return matches by index

[joschi]

@hc4 It's not possible to properly model multiple group matches because the function language lacks iteration/looping primitives.

I'll close this PR…

[hc4]

@joschi, do you mean multiple matches? Because I'am using multi-group feature in my rules right now and everything works fine.

  let m = regex("^(?:\\d+),(\\d+),\\d+,(.*)$", to_string($message.message));
  set_field("temperature", to_double(m["0"]));
  let tz = to_string(lookup_value("temper-tz", $message.source));
  let date = parse_date(value: to_string(m["1"]), pattern: "yyyy-MM-dd HH:mm:ss", locale: "", timezone: tz);
  set_field("timestamp", date);

m["0"] gives me first group and m["1"] gives me the second one.