How to handle parentheses with REGEX in transforms.config as part of a multiline search

hello All - I have been struggling with a regex mystery that I cannot figure out, and am hoping for another perspective to help me solve this riddle! I have a stacktrace that is being treated as a multiline event. I am trying to identify a regex pattern in transforms.config that will allow me to extract a single line *within* the stracktrace, but apparently have run into trouble with properly accounting for the open parentheses. Given this example, I am wanting to extract *only* the follow snippet in BOLD: 20160825 12:51:16 unhandled error from dispatcher, sender:System.Windows.Threading.Dispatcher System.NullReferenceException: Object reference not set to an instance of an object. at **SOURCE_B.Windows.Controls.PivotGrid.PivotGridGroupingBar.ShowFilterExecuted(Object sender, ExecutedRoutedEventArgs e)** at System.Windows.Input.CommandBinding.OnExecuted(Object sender, ExecutedRoutedEventArgs e) --- (1) REGEX = (?m)unhandled error.*(?(SOURCE_B|SOURCE_C)\D+)\s this properly matches the start of the line I'm looking for...but it returns the rest of the stack trace as well. Question #1: Why does it not match on \s when there is clearly whitespace throughout the stacktrace? --- another observation: (2) REGEX = (?m)unhandled error.\*(?(SOURCE_B|SOURCE_C)\D+ShowFilterExecuted) this extracts.... SOURCE_B.Windows.Controls.PivotGrid.PivotGridGroupingBar.ShowFilterExecuted ok, got that. Yet... REGEX = (?m)unhandled error.\*(?(SOURCE_B|SOURCE_C)\D+Object) ....extracts..... SOURCE_B.Windows.Controls.PivotGrid.PivotGridGroupingBar.ShowFilterExecuted(Object sender, ExecutedRoutedEventArgs e) at System.Windows.Input.CommandBinding.OnExecuted(Object sender, ExecutedRoutedEventArgs e) Note this is the same regex pattern, the only difference is that "**ShowFilterExecuted**" is *before* the "(" and "**Object**" is *after.* Question #2: what is it about the parentheses that is resulting in varying regex match results ???? --- There apparently is something about handling of parenths that I am not understanding. Per other posts, I have also tried to escape the open parenth like this, but it still does not match REGEX = (?m)unhandled error.*(?(SOURCE_B|SOURCE_C)\D+\() << single escape REGEX = (?m)unhandled error.*(?(SOURCE_B|SOURCE_C)\D+\\() << double escape, a recommendation from another post Any suggestions on how to alter the regex to properly match the single line in question would be greatly appreciated !!!!