
xml field extraction with a twist

Data example:

ReadyB-107445Upgrade Splunk Windows TA2020-01-29T13:49:44.3372019-03-12T12:49:22.703owner oneowner two&ReadyB-143465Review/Upgrade Splunk_TA_Nix to v72020-01-30T12:54:07.1032020-01-15T10:40:49.307owner one

I've gotten my XML to separate into events finally, but I'm being thrown by trying to get the fields to work. I'd like to have:

Status.Name = Ready
Number = B-143465
ChangeDate = 2020-01-30T12:54:07.103

and so on. I created this regex using the field extractor and regex101:

^(?:[^>\n]*>){2}(?P\w+\s+\w+|\w+)(?:[^>\n]*>){2}(?P\w+\-\d+)[^ \n]* \w+="\w+">(?P[^<]+)[^ \n]* \w+="\w+">(?P[^<]+)(?:[^"\n]*"){2}>(?[^<]+)(?:[^"\n]*"){2}><\w+>(?P\w+\s+\w+)

which gets me most of the way there, but it won't work for the multiple owner values. Can someone suggest a fix here?

Also, if you could also suggest some help in implementing the regex in a transforms, I'd appreciate it. I think I can call it using:

PROPS
...
REPORT-V1 = v1_fields

TRANSFORMS
[v1_fields]
REGEX = ^(?:[^>\n]*>){2}(?P\w+\s+\w+|\w+)(?:[^>\n]*>){2}(?P\w+\-\d+)[^ \n]* \w+="\w+">(?P[^<]+)[^ \n]* \w+="\w+">(?P[^<]+)(?:[^"\n]*"){2}>(?[^<]+)(?:[^"\n]*"){2}><\w+>(?P\w+\s+\w+)

But I don't know if I need to add a FORMAT = $1::$2 line (nor do I know what that line does ...). Any help you can provide here would be great.

I've also tried KV_MODE=xml on the search head, but that doesn't give me the field names I want, just values for Asset.Attribute, Asset.Attribute.Value etc.

Thanks
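The multiple-owner problem in the question above comes down to how many times the regex is applied to the event, not to how the capture group is written. The script below is an added illustration, not code from the question or from Splunk. The XML layout in SAMPLE_EVENT is an assumption: the post shows only the element text, so the tag structure is reconstructed from the values in the post and from the Asset.Attribute / Asset.Attribute.Value names that KV_MODE=xml produced, and the Name and CreateDate attribute names are assumed. It contrasts a single application of a one-group regex (what a plain REGEX line gives: only the first owner) with repeated application that collects every match (the behaviour REPEAT_MATCH = true together with MV_ADD = true provides in transforms.conf), shows the group layout FORMAT = $1::$2 expects (group 1 becomes the field name, group 2 its value), and ends with a parser-based extraction that avoids regexing XML altogether.

```python
from __future__ import annotations

import re
import xml.etree.ElementTree as ET

# Constructed sample event (an assumption, not data from the original post):
# the post shows only the element text, so the tag layout below is a guess
# modelled on the Asset/Attribute/Value names that KV_MODE=xml produced.
SAMPLE_EVENT = """<Asset>
  <Attribute name="Status.Name">Ready</Attribute>
  <Attribute name="Number">B-107445</Attribute>
  <Attribute name="Name">Upgrade Splunk Windows TA</Attribute>
  <Attribute name="ChangeDate">2020-01-29T13:49:44.337</Attribute>
  <Attribute name="CreateDate">2019-03-12T12:49:22.703</Attribute>
  <Attribute name="Owners.Name">
    <Value>owner one</Value>
    <Value>owner two</Value>
  </Attribute>
</Asset>"""

# One named group per owner value, using the same (?P<name>...) syntax that
# Splunk's PCRE engine accepts.
OWNER_RE = re.compile(r"<Value>(?P<Owner>[^<]+)</Value>")

# Field name in group 1 and field value in group 2: the shape FORMAT = $1::$2
# consumes (group 1 becomes the field name, group 2 its value).
NAMED_ATTR_RE = re.compile(
    r'<Attribute name="(?P<key>[^"]+)">(?P<value>[^<]+)</Attribute>'
)


def owners_single_match(event: str) -> list[str]:
    """A regex applied once to the event (REPEAT_MATCH left at its default)
    can only ever yield the first owner, however the group is written."""
    m = OWNER_RE.search(event)
    return [m.group("Owner")] if m else []


def owners_repeat_match(event: str) -> list[str]:
    """Apply the regex repeatedly and collect every match into one list, which
    is what REPEAT_MATCH = true with MV_ADD = true does for a multivalue field
    in transforms.conf."""
    return [m.group("Owner") for m in OWNER_RE.finditer(event)]


def fields_format_style(event: str) -> dict[str, str]:
    """Build name/value pairs the way FORMAT = $1::$2 would: the 'name'
    attribute becomes the field name and the element text the value.
    Attributes that wrap <Value> children contain a '<' before </Attribute>,
    so the [^<]+ group cannot match them and they are skipped."""
    return {m.group("key"): m.group("value") for m in NAMED_ATTR_RE.finditer(event)}


def fields_via_xml_parser(event: str) -> dict[str, object]:
    """Parser-based alternative that needs no regex: scalar attributes map to
    their text, attributes with <Value> children to a list of strings, so the
    multivalue case falls out of the document structure instead of the regex."""
    root = ET.fromstring(event)
    fields: dict[str, object] = {}
    for attr in root.findall("Attribute"):
        values = [v.text or "" for v in attr.findall("Value")]
        fields[attr.get("name", "")] = values if values else (attr.text or "").strip()
    return fields


if __name__ == "__main__":
    print("single match :", owners_single_match(SAMPLE_EVENT))
    print("repeat match :", owners_repeat_match(SAMPLE_EVENT))
    print("$1::$2 style :", fields_format_style(SAMPLE_EVENT))
    print("xml parser   :", fields_via_xml_parser(SAMPLE_EVENT))
```

Python's re module is not PCRE, but the constructs used here (named groups and negated character classes) behave the same way in both engines. The practical lesson for the transforms.conf stanza is to split the work: keep one transform for the scalar fields and a second, much shorter one for the owners, anchored on the repeating element rather than on the start of the event, so that a field moving position in a future export does not silently turn every extraction into an empty result.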
