Greedy matching in Logstash (grok):
10.252.142.174 - - [06/Sep/2016:08:41:36 +0800] "GET /api/validate/code/send?mobilePhone=18652221499&messageType=1&_=1454297673274 HTTP/1.1" 200 52 0.010 112.17.240.27
Pattern:
%{IPORHOST:clientip}\s+-\s+-\s+\[%{HTTPDATE:time}\]\s+"%{WORD:verb}\s+(?<api>(\S+))\?.*%{IPORHOST:remote}
Output:
{
"clientip": [
[
"10.252.142.174"
]
],
"time": [
[
"06/Sep/2016:08:41:36 +0800"
]
],
"verb": [
[
"GET"
]
],
"api": [
[
"/api/validate/code/send"
]
],
"remote": [
[
"27"
]
]
}
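Here remote comes out as 27: the greedy .* consumes as much of the line as it can, leaving %{IPORHOST} only the shortest tail it can still match.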
/*****************
%{IPORHOST:clientip}\s+-\s+-\s+\[%{HTTPDATE:time}\]\s+"%{WORD:verb}\s+(?<api>(\S+))\?.*?%{IPORHOST:remote}
Now the output is:
{
"clientip": [
[
"10.252.142.174"
]
],
"time": [
[
"06/Sep/2016:08:41:36 +0800"
]
],
"verb": [
[
"GET"
]
],
"api": [
[
"/api/validate/code/send"
]
],
"remote": [
[
"112.17.240.27"
]
]
}
Or:
%{IPORHOST:clientip}\s+-\s+-\s+\[%{HTTPDATE:time}\]\s+"%{WORD:verb}\s+(?<api>(\S+))\?.*\s+%{IPORHOST:remote}
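
The greedy pattern and the last (.*\s+) variant above, reproduced as an added example that is not part of the original note, using Python's re module as a stand-in for grok's regex engine. IPV4, HOSTNAME and the time pattern are simplified assumptions, not grok's exact definitions; parse and is_ip are hypothetical helper names. is_ip is a post-parse check that catches a truncated field such as "27" before it reaches an index or a detection rule.

```python
import ipaddress
import re

# The access-log line from the page, split only for readability.
LINE = ('10.252.142.174 - - [06/Sep/2016:08:41:36 +0800] '
        '"GET /api/validate/code/send?mobilePhone=18652221499'
        '&messageType=1&_=1454297673274 HTTP/1.1" '
        '200 52 0.010 112.17.240.27')

# Assumption: simplified stand-ins for grok's IPV4 and HOSTNAME patterns.
IPV4 = r'(?<![0-9])(?:\d{1,3}\.){3}\d{1,3}(?![0-9])'
HOSTNAME = (r'\b[0-9A-Za-z][0-9A-Za-z-]{0,62}'
            r'(?:\.[0-9A-Za-z][0-9A-Za-z-]{0,62})*(?:\.?|\b)')
IPORHOST = rf'(?:{IPV4}|{HOSTNAME})'  # IP first, bare hostname as fallback

# Assumption: [^\]]+ replaces HTTPDATE, \w+ replaces WORD.
PREFIX = (rf'(?P<clientip>{IPORHOST})\s+-\s+-\s+\[(?P<time>[^\]]+)\]\s+'
          r'"(?P<verb>\w+)\s+(?P<api>\S+)\?')

GREEDY = r'.*'      # gap used by the first pattern on the page
SPACED = r'.*\s+'   # gap used by the last pattern on the page


def parse(line, gap):
    """Return the captured fields, or None if the line does not match."""
    m = re.search(PREFIX + gap + rf'(?P<remote>{IPORHOST})', line)
    return m.groupdict() if m else None


def is_ip(value):
    """Post-parse check: True only if the field is a complete IP address."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False


if __name__ == '__main__':
    for name, gap in (('greedy', GREEDY), ('spaced', SPACED)):
        fields = parse(LINE, gap)
        print(name, fields['remote'], 'valid IP:', is_ip(fields['remote']))
```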