Hi,

I have the following log format,

How can I break this multiline event on condition that "2020-03-23 16:41:08,207" arrives.

Note that the log needs to be indexed with Local Time.

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01IS] Skipping server01 Integration Server Server, NO WinServices detected...

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] APPLICATION DETECTION

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] server01HM:  Release 4.1.2

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] Application Type: server01 uAgent Windows

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] ...On Windows: x32

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] RegistryKey: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] Detecting Application Instances...

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] RegistryKey: SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] Detecting Application Instances...

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uAgentWin] TOTAL server01 uAgent Windows Detected: 0

2020-03-23 16:41:08,207 INFO  [Thread-1] [server01uCIv8] SERVER DETECTION