Grok matches single custom patterns, but does not match when custom patterns are combined.
Complete, working, and verifiable example
Sample data:
OK 05/20 20:12:10:067 ABC_02~~DE_02 FGH_IJK jsmith _A0011
Custom patterns:
MMDD [0-1][0-9]/[0-3][0-9]
THREAD _A\w+
They work separately; specifically, this pattern works by itself:
%{MMDD:mmdd}
// Result
{
  "mmdd": [
    [
      "05/20"
    ]
  ]
}
... and this pattern works by itself:
%{THREAD:thread}
// Result
{
  "thread": [
    [
      "_A0011"
    ]
  ]
}
..but together, they fail:
%{MMDD:mmdd} %{THREAD:keyword}
No Matches
Puzzling. Tyvm Keith :^)
Testing here: https://grokdebug.herokuapp.com/
Regex Resource: https://regex101.com/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EDIT based on Jeff Y's comment below
Note change of keyword to thread
// Grok Pattern
%{MMDD:mmdd}%{DATA}%{THREAD:thread}
// Result
{
  "mmdd": [
    [
      "05/20"
    ]
  ],
  "DATA": [
    [
      " 20:12:10:067 ABC_02~~DE_02 FGH_IJK jsmith "
    ]
  ],
  "thread": [
    [
      "_A0011"
    ]
  ]
}
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
EDIT 2 based on Jeff Y's second comment below
// Data - HACKED - Note move of _A0011 to after mm/dd
OK 05/20 _A0011 20:12:10:067 ABC_02~~DE_02 FGH_IJK jsmith
// Grok Pattern
%{MMDD:mmdd} %{THREAD:thread}
// Result
{
  "mmdd": [
    [
      "05/20"
    ]
  ],
  "thread": [
    [
      "_A0011"
    ]
  ]
}
Grok will test your patterns against the whole message.
If your message is OK 05/20 _A0011 20:12:10:067 ABC_02~~DE_02 FGH_IJK jsmith and you only want the 05/20 and _A0011 part, your grok should have patterns to match the rest of the string, but do not save them in a field.
For example, the pattern %{WORD}%{SPACE}%{MMDD:mmdd}%{SPACE}%{THREAD:thread}%{SPACE}%{GREEDYDATA} will match your string; it will save the mmdd and thread fields, but ignore everything else.