| makeresults 
|  eval x="2019-08-26 20:21:18 10.1.82.42 GET /aaaa/bbbb/ccc/ddddd/eeeee username=test&branch=KEL∾count=123456789 443 ABCD\HTTP/secure.abc.jss.pre 11.12.13.14 Java1.7.0_191 - 200 0 0 65018"
| rex field=x ".*\s+(?<lastfld>.*)"

replace 'x' by _raw

    | rex field=_raw ".*\s+(?<lastfld>.*)"