This is a logstash pipeline, which was written to parse key/value pairs from syslog-formatted logs, with high fidelity for the Postfix application. All parsing is done inline, without using a separate patterns file. The result is messy to read, but demonstrates the power of regex in logstash filters.
aetherbird/logstash-syslog
Logstash pipeline for parsing syslog headers and postfix without using a patterns file