So I'm not sure why, but after lots of testing, this is what ended up working for me:
REGEX=dest_port=53\b|10.10.10.10\b|169.254.*
I added the "\b" to specify port 53 and not 533, 5333, etc. Also, whenever I added the \escape characters in the IP address it would not work. Not sure why but at least it's working now. Thanks for your help!
... View more