Fortigate Logs to CSV


Mrkasali

Ok, so I'm trying to export the logs from our FortiGate to a CSV file. That's actually already working fine. But the problem is, lots of information is stored in the $Message. So what I want to do is to get all "variables" in the $Message into separate fields. I'm having a really hard time with this right now. I've never really done anything with regex and NXLog. I'd be really happy if you guys could help me out here.

That's how NXLog writes an event into the CSV file:

2021-06-28 00:00:05;"INFO";2;"XXX.XXX.XXX.XXX";;"date=2021-06-28,time=00:00:05,devname="XXXX",devid="XXX",logid="0000000013",type="traffic",subtype="forward",level="notice",vd="root",eventtime=1624831205715391871,tz="+0200",srcip=XXX.XXX.XXX.XXX,srcport=33084,srcintf="port1",srcintfrole="lan",dstip=XXX.XXX.XXX.XXX,dstport=80,dstintf="wan1",dstintfrole="wan",sessionid=24018243,proto=6,action="close",policyid=3,policytype="policy",poluuid="7f09e0e6-c026-51ea-ccf3-27ba9a95d742",service="HTTP",dstcountry="France",srccountry="Reserved",trandisp="snat",transip=XXX.XXX.XXX.XXX,transport=33084,appid=16648,app="Kaspersky.Update",appcat="Update",apprisk="low",applist="Std-Appcontrol",duration=5,sentbyte=836,rcvdbyte=1036,sentpkt=6,rcvdpkt=4,shapingpolicyid=7,shapersentname="A1_Outgoing",shaperdropsentbyte=0,shaperrcvdname="Incoming",shaperdroprcvdbyte=0,vwlid=0,utmaction="allow",countapp=1 mastersrcmac="XXX",srcmac="XXX",srcserver=0"

I guess replacing all the ',' with ';' would work. But I have no idea how to do that. If you need more info I'm going to send it asap.
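The message in the post is FortiGate's key=value log format, and a plain search-and-replace of ',' with ';' would break as soon as a quoted value (a URL, a user agent, an IPS message) contains a comma, and would also miss the one space-separated pair ("countapp=1 mastersrcmac=...") visible in the sample. The example below is added here and is not code from the poster or from NXLog: it is a standalone Python parser that tokenizes a FortiGate message into a dictionary (quoted values kept intact, commas or spaces accepted as separators) and writes one CSV column per key. The sample messages are constructed for the example, modelled on the post's line with the masked addresses replaced by documentation-range IPs; the function names and the ';' delimiter are the example's own choices.

```python
import csv
import io
import re

# Constructed sample messages, modelled on the one in the post (addresses masked there).
# The first keeps the mixed ',' and ' ' separators seen before "mastersrcmac".
SAMPLE_MESSAGES = [
    'date=2021-06-28,time=00:00:05,devname="XXXX",devid="XXX",logid="0000000013",'
    'type="traffic",subtype="forward",level="notice",vd="root",'
    'eventtime=1624831205715391871,tz="+0200",srcip=192.0.2.10,srcport=33084,'
    'srcintf="port1",dstip=198.51.100.20,dstport=80,proto=6,action="close",'
    'policyid=3,service="HTTP",dstcountry="France",app="Kaspersky.Update",'
    'sentbyte=836,rcvdbyte=1036,countapp=1 mastersrcmac="XXX",srcmac="XXX",srcserver=0',
    # A second, shorter event with a quoted value that contains a comma and a
    # key (msg) the first event does not have, to show column alignment.
    'date=2021-06-28,time=00:00:06,devname="XXXX",type="event",subtype="system",'
    'msg="Admin login, ok",srcip=192.0.2.99',
]

# key=value token: the value is either a double-quoted string (backslash escapes
# allowed, commas and spaces inside are kept) or a bare run up to the next
# ',' or whitespace. Key names in FortiGate logs are [A-Za-z0-9_].
KV_RE = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|[^,\s]*)')


def parse_fortigate_message(message):
    """Return an ordered dict of key -> value for one FortiGate key=value message."""
    fields = {}
    for key, raw in KV_RE.findall(message):
        if len(raw) >= 2 and raw.startswith('"') and raw.endswith('"'):
            value = raw[1:-1].replace('\\"', '"')  # strip quotes, unescape \"
        else:
            value = raw
        fields[key] = value
    return fields


def messages_to_csv(messages, delimiter=";"):
    """Parse each message and emit CSV text with one column per distinct key.

    Columns are the union of all keys, in first-seen order; events that lack a
    key get an empty cell so every row lines up with the header.
    """
    rows = [parse_fortigate_message(m) for m in messages]
    columns = []
    for row in rows:
        for key in row:
            if key not in columns:
                columns.append(key)
    buf = io.StringIO()
    writer = csv.DictWriter(
        buf,
        fieldnames=columns,
        delimiter=delimiter,
        restval="",             # missing keys become empty cells
        quoting=csv.QUOTE_ALL,  # values containing ';' or '"' stay one cell
        lineterminator="\n",
    )
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()


if __name__ == "__main__":
    print(messages_to_csv(SAMPLE_MESSAGES), end="")
```

Two things worth checking on real data before trusting the output: confirm that every value containing the delimiter is quoted (the csv module does this above), and spot-check a row against the original $Message, since a missed separator silently merges two fields instead of failing. Within NXLog itself, the xm_kvp extension module exists for this job; its parse_kvp() does the same tokenization natively, but the separator settings have to match the mixed ',' and ' ' seen in the sample.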