f0/gist:6df9c279fe2c68baf140358a0dddb3b5

## gistfile1.txt
<source>
   @type syslog
   port 5140
   bind 0.0.0.0
   format grok
   tag network
   <grok>
     pattern %{CISCOFW104001}
   </grok>
   <grok>
     pattern %{CISCOFW104002}
   </grok>
   <grok>
     pattern %{CISCOFW104003}
   </grok>
   <grok>
     pattern %{CISCOFW104004}
   </grok>
   <grok>
     pattern %{CISCOFW105003}
   </grok>
   <grok>
     pattern %{CISCOFW105004}
   </grok>
   <grok>
     pattern %{CISCOFW105005}
   </grok>
   <grok>
     pattern %{CISCOFW105008}
   </grok>
   <grok>
     pattern %{CISCOFW105009}
   </grok>
   <grok>
     pattern %{CISCOFW106001}
   </grok>
   <grok>
     pattern %{CISCOFW106006_106007_106010}
   </grok>
   <grok>
     pattern %{CISCOFW106014}
   </grok>
   <grok>
     pattern %{CISCOFW106015}
   </grok>
   <grok>
     pattern %{CISCOFW106021}
   </grok>
   <grok>
     pattern %{CISCOFW106023}
   </grok>
   <grok>
     pattern %{CISCOFW106100}
   </grok>
</source>
	<source>
	@type syslog
	port 5140
	bind 0.0.0.0
	format grok
	tag network
	<grok>
	pattern %{CISCOFW104001}
	</grok>
	<grok>
	pattern %{CISCOFW104002}
	</grok>
	<grok>
	pattern %{CISCOFW104003}
	</grok>
	<grok>
	pattern %{CISCOFW104004}
	</grok>
	<grok>
	pattern %{CISCOFW105003}
	</grok>
	<grok>
	pattern %{CISCOFW105004}
	</grok>
	<grok>
	pattern %{CISCOFW105005}
	</grok>
	<grok>
	pattern %{CISCOFW105008}
	</grok>
	<grok>
	pattern %{CISCOFW105009}
	</grok>
	<grok>
	pattern %{CISCOFW106001}
	</grok>
	<grok>
	pattern %{CISCOFW106006_106007_106010}
	</grok>
	<grok>
	pattern %{CISCOFW106014}
	</grok>
	<grok>
	pattern %{CISCOFW106015}
	</grok>
	<grok>
	pattern %{CISCOFW106021}
	</grok>
	<grok>
	pattern %{CISCOFW106023}
	</grok>
	<grok>
	pattern %{CISCOFW106100}
	</grok>
	</source>