Regex Help

I am trying to do a field extract but running into problems Here is an example event. I am trying to build a regex to extract the signatures field (IP Fragmentation, DNS Amplification). The signature can be different for each event so I need to extract everything between the () after the word signatures. Can someone help me with a regex? My attempts are only returning partial events Sep 19 23:32:49 10.201.1.79 [pfsp] emerg: Host Detection alert #13630, start 2017-09-19 23:31:45 UTC, duration 64, direction incoming, host 1.2.3.4, signatures (IP Fragmentation, DNS Amplification), impact 1.10 Gbps/117.80 Kpps, importance 2, managed_objects ("ARIN-Allocated Prefixes"), (parent managed object "nil") Sep 20 04:56:50 10.201.1.79 [pfsp] emerg: Host Detection alert #13631, start 2017-09-20 04:56:45 UTC, duration 5, direction incoming, host 1.2.3.4, signatures (IP Fragmentation), impact 133.45 Mbps/21.82 Kpps, importance 1, managed_objects ("ARIN-Allocated Prefixes"), (parent managed object "nil")