Logstash 多行编解码器不适用于堆栈跟踪

问：

我正在使用 ELK 堆栈来处理我的应用程序的日志。因此，问题在于 Logstash 多行编解码器无法为堆栈跟踪正常工作。输入多行日志不会被模式解析，也不会相互合并以完全完成堆栈跟踪。 这是我对多行编解码器的配置

    udp {
        port => 5140
        type => syslog
        codec => multiline {
            pattern => "^<%{NUMBER}>%{DATA} %{NUMBER} %{TIME} %{WORD}\[%{NUMBER}\]: \[%{TIMESTAMP_ISO8601}"
            negate => true
            what => "previous"
        }
    }

普通日志如下所示：

<27>Sep 19 17:47:37 worker[1819]: [2023-09-19 17:47:37,313: INFO/celery.app.trace] Task tasks.call_is_alive[call_is_alive_0ec30fbe-dde6-4a0e-b637-8eef926e28c8] succeeded in 0.2811723370105028s: None

堆栈跟踪如下所示：

<27>Sep 20 10:51:59 fastapi[1819]: [2023-09-20 10:51:59,209: ERROR/uvicorn.error] Exception in ASGI application
<27>Sep 20 10:51:59 fastapi[1819]:     response = await self.dispatch_func(request, call_next)
<27>Sep 20 10:51:59 fastapi[1819]:                ^^^^^^^^^^^^^^^^^^^^^^^^
<27>Sep 20 10:51:59 fastapi[1819]:   File "/usr/local/lib/python3.11/site-packages/starlette/middleware/base.py", line 69, in coro
<27>Sep 20 10:51:59 fastapi[1819]:     raise app_exc
<27>Sep 20 10:51:59 fastapi[1819]:     await self.app(scope, receive_or_disconnect, send_no_error)
<27>Sep 20 10:51:59 fastapi[1819]:   File "/usr/local/lib/python3.11/site-packages/starlette/middleware/cors.py", line 84, in __call__
<27>Sep 20 10:51:59 fastapi[1819]:     await self.app(scope, receive, send)
<27>Sep 20 10:51:59 fastapi[1819]:   File "/usr/local/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 79, in __call__
<27>Sep 20 10:51:59 fastapi[1819]:     raise exc
<27>Sep 20 10:51:59 fastapi[1819]:   File "/usr/local/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 68, in __call__
<27>Sep 20 10:51:59 fastapi[1819]: Traceback (most recent call last):
<27>Sep 20 10:51:59 fastapi[1819]:                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
<27>Sep 20 10:51:59 fastapi[1819]:     response = await call_next(request)

我尝试了不同模式的多行编解码器，但它们也没有帮助。可能是什么问题？是因为模式错误还是编解码器有问题？