Count number of non-null lines across values from last 10 mins

  • bitbucket
    Junior Member
    • Sep 2020
    • 18

    #1

    Count number of non-null lines across values from last 10 mins

    We have an Item that can return null, single-line, and multi-line strings. I'm trying to create a trigger against a count of the number of non-null lines from the values of the last 10 mins.

    This is what I'm trying but it must not be evaluating the values the way that I expect: count(/host/key,600,"regexp","^.*\n")>2

    Edit: Here's an example of the values that I'm trying to count...

    2022-08-13 12:12:55 1660410775 ""
    2022-08-13 12:11:56 1660410716 ""
    2022-08-13 12:10:55 1660410655 ""
    2022-08-13 12:09:56 1660410596 "2022-08-13 15:20:25+00:00 Malicious file JS/Adware.Agent.CR was detected on computer abc123.somedomain.com"
    2022-08-13 12:08:56 1660410536 "2022-08-13 15:20:25+00:00 Malicious file JS/Adware.Agent.CR was detected on computer xyz456.somedomain.com"
    2022-08-13 12:07:55 1660410475 ""
    2022-08-13 12:06:55 1660410415 ""
    2022-08-13 12:05:56 1660410356 ""
    2022-08-13 12:04:57 1660410297 "2022-08-12 23:46:05+00:00 Malicious file JS/Adware.Agent.CR was detected on computer lmn876.somedomain.com
    2022-08-13 00:27:19+00:00 Malicious file JS/Adware.TerraClicks.A was detected on computer opq567.somedomain.com
    2022-08-13 15:20:25+00:00 Malicious file JS/Adware.Agent.CR was detected on computer ghi432.somedomain.com"
    Last edited by bitbucket; 13-08-2022, 19:17.
  • dimir
    Zabbix developer
    • Apr 2011
    • 1080

    #2
    By null do you mean a line like
    Code:
    2022-08-13 12:10:55 1660410655 ""
    In that case instead of regexp
    Code:
    "^.*\n"
    I'd go for
    Code:
    ^[0-9-]+\s[0-9:]+\s[0-9]+\s""$
    and your trigger will look like:
    Code:
    count(/host/key,600,"regexp","^[0-9-]+\\s[0-9:]+\\s[0-9]+\\s\"\"$")>2
    Last edited by dimir; 16-08-2022, 15:52.
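The distinction behind this thread, as an added example (not code from either poster or from Zabbix): count() evaluates each stored value as one unit, so it returns a number of matching values, not a number of lines inside them. The sketch parses a constructed history dump in the layout shown in the question and computes both figures for a 600-second window; the function names, sample messages and host names are made up for illustration.

```python
import re

# Constructed history dump in the layout from the question:
# <date> <time> <epoch> "<value>", where <value> may be empty or multi-line.
SAMPLE = '''2022-08-13 12:12:55 1660410775 ""
2022-08-13 12:09:56 1660410596 "15:20:25 Malicious file A detected on host1.example"
2022-08-13 12:08:56 1660410536 "15:20:25 Malicious file A detected on host2.example"
2022-08-13 12:07:55 1660410475 ""
2022-08-13 12:04:57 1660410297 "23:46:05 Malicious file A detected on host3.example
00:27:19 Malicious file B detected on host4.example
15:20:25 Malicious file A detected on host5.example"
2022-08-13 12:01:40 1660410100 "11:00:00 Malicious file C detected on host6.example"
'''

# A record starts at a line head and ends at the first quote that closes a line.
RECORD = re.compile(
    r'^\d{4}-\d\d-\d\d \d\d:\d\d:\d\d (\d+) "(.*?)"$', re.M | re.S)


def parse_history(text):
    """Return (clock, value) pairs; a quoted value may contain newlines."""
    return [(int(m.group(1)), m.group(2)) for m in RECORD.finditer(text)]


def in_window(records, now, window):
    """Values whose clock falls inside the last `window` seconds before `now`."""
    return [value for clock, value in records if now - window < clock <= now]


def count_nonempty_values(records, now, window=600):
    """Per-value count: one hit for each stored value that is not empty."""
    return sum(1 for v in in_window(records, now, window) if v.strip())


def count_nonempty_lines(records, now, window=600):
    """Per-line count: every non-blank line inside the values in the window."""
    return sum(1 for v in in_window(records, now, window)
               for line in v.splitlines() if line.strip())


if __name__ == "__main__":
    recs = parse_history(SAMPLE)
    now = 1660410775  # clock of the newest sample value
    print("non-empty values:", count_nonempty_values(recs, now))
    print("non-empty lines: ", count_nonempty_lines(recs, now))
```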
