Hello everyone,
I have a question for you, and I need your help please 🙂
I have some logs, but the parsing isn't done.
In the same log, I have a lot of indicators, and I need to extract the following fields:
- cpu_model:
- device_type:
- distinguished_name:
- entity:
- last_boot_duration:
- last_ip_address:
- last_logon_duration:
- last_logon_time:
- last_system_boot:
- mac_addresses: [
  00:42:38:CA:81:72
  00:42:38:CA:81:73
  00:42:38:CA:81:76
  02:42:38:CA:81:72
  74:78:27:91:41:BB
  B0:9F:80:55:40:44
  ]
- name: PCW-TOU-76566
- number_of_days_since_last_boot:
- number_of_days_since_last_logon:
- number_of_monitors: 3
- os_version_and_architecture: Windows 10 Pro 21H2 (64 bits)
- platform: windows
- score: Device performance/Boot speed: null
- system_drive_capacity: 506333229056
- system_drive_usage: 0.19
- total_nonsystem_drive_capacity: 0
- total_nonsystem_drive_usage: null
- total_ram: 8589934592
The log is like this:
What can I do to have the fields extracted so that I can develop my indicators?
The regex method is not possible in this case. Can I use the rex command? And how can I do it for this example?
I need your help, thank you so much.
This looks like JSON. Use the spath command
| spath
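As an added example (not part of the original answer), the following SPL shows what the spath approach looks like end to end on a constructed sample event. It assumes the raw event is a single JSON object stored in _raw and that the field names match those listed in the question; the sample event is built inline with makeresults and contains only a subset of the fields, and the GB conversions and the rename to mac_address are illustrative choices, not anything from the original post:

```spl
| makeresults
| eval _raw="{\"name\":\"PCW-TOU-76566\",\"platform\":\"windows\",\"os_version_and_architecture\":\"Windows 10 Pro 21H2 (64 bits)\",\"number_of_monitors\":3,\"system_drive_capacity\":506333229056,\"system_drive_usage\":0.19,\"total_nonsystem_drive_capacity\":0,\"total_nonsystem_drive_usage\":null,\"total_ram\":8589934592,\"mac_addresses\":[\"00:42:38:CA:81:72\",\"00:42:38:CA:81:73\",\"74:78:27:91:41:BB\"]}"
| spath
| rename mac_addresses{} AS mac_address
| eval system_drive_capacity_gb=round(system_drive_capacity/pow(1024,3),2),
       total_ram_gb=round(total_ram/pow(1024,3),2),
       system_drive_used_gb=round(system_drive_capacity_gb*system_drive_usage,2)
| mvexpand mac_address
| table name platform os_version_and_architecture number_of_monitors total_ram_gb system_drive_capacity_gb system_drive_used_gb mac_address
```

With no path argument, spath extracts every key of the JSON object as a field; JSON arrays such as mac_addresses become a multivalue field named mac_addresses{}, which is why it is renamed before mvexpand turns the one event into one row per MAC address. For a real search, replace the first two lines with your index and sourcetype (for example `index=... sourcetype=...`) and keep everything from `| spath` onward; if the JSON is nested inside another field rather than being the whole event, use `| spath input=<fieldname>`. Null values such as total_nonsystem_drive_usage come out as the string "null", so test for that explicitly when building indicators on them.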