Elastica Flex data is not processing errors after being added.

CASB Audit

2 firewalls: in place PaloAlto & Fortinet

Incorrect regex

DEV provided corrected regex

{
    "action_rex": "status=\\\\x22(.*?)\\\\x22",
    "datetime_format": "dd/MMM/yyyy:HH:mm:ss Z",
    "datetime_rex": "\\\\x5b(.*?)\\\\x5d",
    "dst_rex": "dip=\\\\x22(.*?)\\\\x22",
    "logformat": "rex",
    "rcvd_rex": "bytes_tc=\\\\x22(.*?)\\\\x22",
    "referer_rex": "referer=\\\\x22(.*?)\\\\x22",
    "sent_rex": "bytes_fc=\\\\x22(.*?)\\\\x22",
    "src_rex": "srcip=\\\\x22(.*?)\\\\x22",
    "trim_tokens": "true",
    "ua_rex": "user_agent=\\\\x22(.*?)\\\\x22",
    "url_rex": "url=\\\\x22(.*?)\\\\x22",
    "user_rex": "user=\\\\x22(.*?)\\\\x22"
}