apache.error incorrect grok parsing of time in ISO 8601 format

[marcstern]

Elastic cloud, logs-apache.error-1.8.2

In Europe, we often use the ISO 8601 time format instead of the default US one (Tue Apr 11 11:37:47.559505 2023). The grok parser doesn't support that:

Provided Grok expressions do not match field value: [[2023-04-11 11:51:57] [pid 70312:tid 140534663224768] ModSecurity for Apache/2.9.6.2 (Approach Oct 11 2022) configured.]

Could you add this format? Thanks

[botelastic[bot]]

Hi! We just realized that we haven't looked into this issue in a while. We're sorry! We're labeling this issue as Stale to make it hit our filters and make sure we get back to it as soon as possible. In the meantime, it'd be extremely helpful if you could take a look at it as well and confirm its relevance. A simple comment with a nice emoji will be enough :+1. Thank you for your contribution!