log example：

# Time: 2023-10-23T07:04:12.155082Z
# User@Host: root[root] @ naoms-gos-1 [10.32.2.11]  Id: 11135
# Query_time: 12.146546  Lock_time: 0.000000 Rows_sent: 67101  Rows_examined: 67101
use elasticjob;
SET timestamp=1698044652;
SELECT original_task_id FROM JOB_STATUS_TRACE_LOG WHERE task_id = 'checkAllDispatchNotice@-@0@-@READY@-@169.254.29.98@-@856' and state='TASK_STAGING';
# Time: 2023-10-23T07:04:12.170661Z
# User@Host: root[root] @ naoms-fims-1 [10.32.2.16]  Id: 11842
# Query_time: 12.049766  Lock_time: 0.000000 Rows_sent: 0  Rows_examined: 0
SET timestamp=1698044652;
INSERT INTO `JOB_STATUS_TRACE_LOG` (`id`, `job_name`, `original_task_id`, `task_id`, `slave_id`, `source`, `execution_type`, `sharding_item`,  `state`, `message`, `creation_time`) VALUES ('b04b303b-56ac-430f-a184-8a099f669ea4', 'updatePublishRecentFlagSchedule', '', 'updatePublishRecentFlagSchedule@-@@-@READY@-@10.32.2.16@-@4964', '10.32.2.16', 'LITE_EXECUTOR', 'READY', '[]', 'TASK_STAGING', 'Job ''updatePublishRecentFlagSchedule'' execute begin.', '2023-10-23 15:04:00.132');

help:

I have configured multiline.
How do I use promtail or LogQL to retrieve the information I want, such as Time, Query_time, User@Host, and sql information.
I try to use Pattern and Regular expression
But don’t know how to handle multi-line parsing

My English is not good, this is translated by translation software, please forgive me.

I don’t have much multiline logs in our Loki cluster, but from my brief experience I think regex filter would work better for you (remember not to use the end-of-line character $ when matching multiple lines).