Good Evening,
I’m using the GraySquid content pack to take Squid Logs from a cisco WSA SV100. The content pack is working somewhat. I had to change the stream rules to match the source instead of the app. Everything seems to be flowing ok but it appears the extractors are not working nor creating the fields for all grok patterns. The primary reason for installing this content pack was to make it possible to search IPs or URLs for the proxy messages. Is this content pack still compatible? Any suggestions or fixes to recognize the patterns correctly?