The regex pattern in the majority of the extractors are catching the "cs" from the following field. For example, if capturing cs4Label it should just capture "VID" but ends up capturing "VID cs"
cs1=NA cs1Label=Cap Support cs4=cd736115-17e9-45b8-aa0e-6d9ff0a49b52 cs4Label=VID cs5Label=clappsig dproc=Browser cs6=Internet Explorer
The regex pattern in the majority of the extractors are catching the "cs" from the following field. For example, if capturing cs4Label it should just capture "VID" but ends up capturing "VID cs"
cs1=NA cs1Label=Cap Support cs4=cd736115-17e9-45b8-aa0e-6d9ff0a49b52 cs4Label=VID cs5Label=clappsig dproc=Browser cs6=Internet Explorer
graylog 3.1