RFC5424 not always compliant

[polaris940]

Logs generated for RFC5424 only compliant about 40% of the time.

Sample set of 100 logs generated with flog: https://regex101.com/r/nMlGtT/1

Testing using the Fluent Bit syslog-rfc5424 parser.

[PARSER]
    Name        syslog-rfc5424
    Format      regex
    Regex       ^\<(?<pri>[0-9]{1,5})\>1 (?<time>[^ ]+) (?<host>[^ ]+) (?<ident>[^ ]+) (?<pid>[-0-9]+) (?<msgid>[^ ]+) (?<extradata>(\[(.*?)\]|-)) (?<message>.+)$
    Time_Key    time
    Time_Format %Y-%m-%dT%H:%M:%S.%L%z
    Time_Keep   On

[polaris940]

This appears to be directly related to the version value.

As of writing, the only valid version is 1 per the IANA Registered Versions