Hi,

My logs look like this ...

AS RAW TEXT:

{"timestamp":"2019-08-08 10:23:38.320","level":"INFO","thread":"task-scheduler-8","mdc":{"TraceabilityID":"abcde","file_name":"MySampleFileName.json","Source":"SOURCE"},"logger":"MyApplicationLogConfig","message":" |IN001 |1010908 |Order placed Successfully. |\n |IN002 |1010909 |Order placed Successfully. |\n"}

SYNTAX HIGHLIGHTED:

WHAT I NEED:
1010908, 1010909 extracted as the OrderNum, Order placed Successfully as OrderStatus.

REGEX:

| rex field=message "(\n\s)*\|IN\d+\s\|(?<orderNum>\d+)\s\|(?<orderStatus>[\w\s]+)\.\s\|(\n)?"

ERROR IS:
The regex extracts only '1010908' as the OrderNum. I want both 1010908, 1010909 to be extracted.

Thanks in advance.