minor note - multikv assumes the table to be extracted is in the _raw field.

Here's a run-anywhere demo on the original poster's data...

| makeresults
| eval _raw ="blah garble anyoldstuff
 USER PID %CPU %MEM COMMAND
   daemon 6029500 0.2 0.0 .vasd
   daemon 5963962 0.1 0.0 .vasd
  auwasesp 13107344 0.0 1.0 java
  auwasesp 12714040 0.0 3.0 java
  auwasesp 12648618 0.0 0.0 java
  auwasesp 12517388 0.0 1.0 java
  auwasesp 12452016 0.0 1.0 java
  ausassrv 13434928 0.0 0.0 sas
  ausasadm 18022636 0.0 0.0 splunkd
  ausasadm 16384182 0.0 0.0 splunkd"
| multikv