Channel: Questions in topic: "splunk-enterprise"

How to edit my props.conf for proper event line breaking based on my sample data?

Ok, I give. I can't seem to figure out why this is failing...

This is the log: (Suitably neutered)

```
2016-11-03 13:34:00,654 [10] INFO XXXXXXX_YYY.XXXXXXX - Script Name Input:
2016-11-03 13:34:00,716 [10] INFO XXXXXXX_YYY.XXXXXXX - account: zzzzzzz
2016-11-03 13:34:00,716 [10] INFO XXXXXXX_YYY.XXXXXXX - No Parameters supplied
2016-11-03 13:34:00,716 [10] INFO XXXXXXX_YYY.XXXXXXX - Total Parameters:0
2016-11-03 13:34:03,259 [10] ERROR XXXXXXX_YYY.XXXXXXX - Powershell script '' does not exist.
2016-11-03 13:34:03,758 [13] INFO XXXXXXX_YYY.XXXXXXX - Script Name Input:lync_provisioning.ps1
2016-11-03 13:34:03,758 [13] INFO XXXXXXX_YYY.XXXXXXX - account: Abcdef.Hijklm@domainname.com
2016-11-03 13:34:03,758 [13] INFO XXXXXXX_YYY.XXXXXXX - Total Parameters:4
2016-11-03 13:34:03,836 [13] INFO XXXXXXX_YYY.XXXXXXX - --------------------Powershell Execute-------------------------
2016-11-03 13:34:03,914 [13] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: DomainController|HOSTNAME
2016-11-03 13:34:03,914 [13] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: sAMAccountName|zzzzzzz
2016-11-03 13:34:03,914 [13] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: PrimarySMTP|Abcdef.Hijklm@domainname.com
2016-11-03 13:34:03,914 [13] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: Action|Disable
2016-11-03 13:34:03,914 [13] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: ScriptRoot|C:\PowerShell Scripts\
2016-11-03 13:34:16,176 [13] INFO XXXXXXX_YYY.XXXXXXX - Powershell Script Return Value: True
2016-11-03 13:34:16,176 [13] INFO XXXXXXX_YYY.XXXXXXX - ------------------Powershell END Execute-----------------------
2016-11-03 13:38:58,650 [12] INFO XXXXXXX_YYY.XXXXXXX - Script Name Input:
2016-11-03 13:38:58,650 [12] INFO XXXXXXX_YYY.XXXXXXX - account: zzzzzzz
2016-11-03 13:38:58,650 [12] INFO XXXXXXX_YYY.XXXXXXX - No Parameters supplied
2016-11-03 13:38:58,650 [12] INFO XXXXXXX_YYY.XXXXXXX - Total Parameters:0
2016-11-03 13:38:58,744 [12] ERROR XXXXXXX_YYY.XXXXXXX - Powershell script '' does not exist.
2016-11-03 13:38:59,258 [19] INFO XXXXXXX_YYY.XXXXXXX - Script Name Input:home_drive_provisioning.ps1
2016-11-03 13:38:59,258 [19] INFO XXXXXXX_YYY.XXXXXXX - account: zzzzzzz
2016-11-03 13:38:59,258 [19] INFO XXXXXXX_YYY.XXXXXXX - Total Parameters:6
2016-11-03 13:38:59,321 [19] INFO XXXXXXX_YYY.XXXXXXX - --------------------Powershell Execute-------------------------
2016-11-03 13:38:59,368 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: HomeDrivePath|\\ZZZZZ\home$
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: IsilonPath|/ifs/pathing/home/
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: Username|userprovisioning
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: Password|**********
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: Account|zzzzzzz
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: TermDate|11/03/2016 00:00:00
2016-11-03 13:38:59,383 [19] INFO XXXXXXX_YYY.XXXXXXX - Parameter Added: ScriptRoot|C:\PowerShell Scripts\
2016-11-03 13:39:01,567 [19] INFO XXXXXXX_YYY.XXXXXXX - Quota Removed from /ifs/nasprod/home/zzzzzzz
2016-11-03 13:39:01,567 [19] INFO XXXXXXX_YYY.XXXXXXX - zzzzzzz moved to _Deleted User Folders_\zzzzzzz 11-03-16
2016-11-03 13:39:01,567 [19] INFO XXXXXXX_YYY.XXXXXXX - Powershell Script Return Value: True
2016-11-03 13:39:01,567 [19] INFO XXXXXXX_YYY.XXXXXXX - ------------------Powershell END Execute-----------------------
```

I want it broken into exactly two events, based on `------------------Powershell END Execute-----------------------`

I got 7.

This is what I have in props.conf.

```
[SourceType]
NO_BINARY_CHECK = true
# MUST_BREAK_AFTER = Powershell END Execute
# EVENT_BREAKER = Powershell END Execute
category = Custom
description = Log
disabled = false
pulldown_type = true
BREAK_ONLY_BEFORE = Powershell END Execute
DATETIME_CONFIG =
```

inputs.conf has the correct SourceType for the monitor statement.

This is in a distributed environment. The props.conf is pushed to both the Universal Forwarder, and the Indexer(s). We're running 6.3.3.

Seems to work fine, if I put it on a single node, and manually add data.....

So like, what am I missing?

Thanks,
David
