diff --git a/internal/syslogparser/rfc3164/rfc3164.go b/internal/syslogparser/rfc3164/rfc3164.go
index d5873aa..3192275 100644
--- a/internal/syslogparser/rfc3164/rfc3164.go
+++ b/internal/syslogparser/rfc3164/rfc3164.go
@@ -26,6 +26,7 @@ type header struct {
 
 type rfc3164message struct {
 	tag     string
+	pid     string
 	content string
 }
 
@@ -82,6 +83,7 @@ func (p *Parser) Dump() syslogparser.LogParts {
 		"hostname":  p.header.hostname,
 		"tag":       p.message.tag,
 		"content":   p.message.content,
+		"pid":       p.message.pid,
 		"priority":  p.priority.P,
 		"facility":  p.priority.F.Value,
 		"severity":  p.priority.S.Value,
@@ -117,11 +119,12 @@ func (p *Parser) parsemessage() (rfc3164message, error) {
 	var err error
 
 	if !p.skipTag {
-		tag, err := p.parseTag()
+		tag, pid, err := p.parseTag()
 		if err != nil {
 			return msg, err
 		}
 		msg.tag = tag
+		msg.pid = pid
 	}
 
 	content, err := p.parseContent()
@@ -198,31 +201,39 @@ func (p *Parser) parseHostname() (string, error) {
 }
 
 // http://tools.ietf.org/html/rfc3164#section-4.1.3
-func (p *Parser) parseTag() (string, error) {
+func (p *Parser) parseTag() (string, string, error) {
 	var b byte
 	var endOfTag bool
 	var bracketOpen bool
+	var bracketClosed bool
 	var tag []byte
+	var pid []byte
 	var err error
 	var found bool
 
 	from := p.cursor
+	pidFrom := 0
 
 	for {
 		if p.cursor == p.l {
 			// no tag found, reset cursor for content
 			p.cursor = from
-			return "", nil
+			return "", "", nil
 		}
 
 		b = p.buff[p.cursor]
 		bracketOpen = (b == '[')
+		bracketClosed = (b == ']')
 		endOfTag = (b == ':' || b == ' ')
 
-		// XXX : parse PID ?
 		if bracketOpen {
 			tag = p.buff[from:p.cursor]
 			found = true
+			pidFrom = p.cursor + 1
+		}
+		
+		if bracketClosed {
+			pid = p.buff[pidFrom:p.cursor]
 		}
 
 		if endOfTag {
@@ -242,7 +253,11 @@ func (p *Parser) parseTag() (string, error) {
 		p.cursor++
 	}
 
-	return string(tag), err
+	if pidFrom == 0 { // No PID found
+		pid = []byte{}
+	}
+
+	return string(tag), string(pid), err
 }
 
 func (p *Parser) parseContent() (string, error) {
diff --git a/internal/syslogparser/rfc3164/rfc3164_test.go b/internal/syslogparser/rfc3164/rfc3164_test.go
index b95eb72..34b4af1 100644
--- a/internal/syslogparser/rfc3164/rfc3164_test.go
+++ b/internal/syslogparser/rfc3164/rfc3164_test.go
@@ -46,6 +46,7 @@ func (s *Rfc3164TestSuite) TestParser_Valid(c *C) {
 		"timestamp": time.Date(now.Year(), time.October, 11, 22, 14, 15, 0, time.UTC),
 		"hostname":  "mymachine",
 		"tag":       "very.large.syslog.message.tag",
+		"pid":       "",
 		"content":   "'su root' failed for lonvick on /dev/pts/8",
 		"priority":  34,
 		"facility":  4,
@@ -78,6 +79,7 @@ func (s *Rfc3164TestSuite) TestParser_ValidNoTag(c *C) {
 		"timestamp": time.Date(now.Year(), time.October, 11, 22, 14, 15, 0, time.UTC),
 		"hostname":  "mymachine",
 		"tag":       "",
+		"pid":       "",
 		"content":   "singleword",
 		"priority":  34,
 		"facility":  4,
@@ -112,6 +114,7 @@ func (s *Rfc3164TestSuite) TestParser_NoTimestamp(c *C) {
 		"timestamp": now,
 		"hostname":  "",
 		"tag":       "",
+		"pid":       "",
 		"content":   "INFO     leaving (1) step postscripts",
 		"priority":  14,
 		"facility":  1,
@@ -164,6 +167,7 @@ func (s *Rfc3164TestSuite) TestParser_ValidRFC3339Timestamp(c *C) {
 		"timestamp": time.Date(2018, time.January, 12, 22, 14, 15, 0, time.UTC),
 		"hostname":  "mymachine",
 		"tag":       "app",
+		"pid":       "101",
 		"content":   "msg",
 		"priority":  34,
 		"facility":  4,
@@ -184,6 +188,7 @@ func (s *Rfc3164TestSuite) TestParsemessage_Valid(c *C) {
 	buff := []byte("sometag[123]: " + content)
 	hdr := rfc3164message{
 		tag:     "sometag",
+		pid:     "123",
 		content: content,
 	}
 
@@ -233,29 +238,30 @@ func (s *Rfc3164TestSuite) TestParseTimestamp_Valid(c *C) {
 func (s *Rfc3164TestSuite) TestParseTag_Pid(c *C) {
 	buff := []byte("apache2[10]:")
 	tag := "apache2"
+	pid := "10"
 
-	s.assertTag(c, tag, buff, len(buff), nil)
+	s.assertTag(c, tag, pid, buff, len(buff), nil)
 }
 
 func (s *Rfc3164TestSuite) TestParseTag_NoPid(c *C) {
 	buff := []byte("apache2:")
 	tag := "apache2"
 
-	s.assertTag(c, tag, buff, len(buff), nil)
+	s.assertTag(c, tag, "", buff, len(buff), nil)
 }
 
 func (s *Rfc3164TestSuite) TestParseTag_TrailingSpace(c *C) {
 	buff := []byte("apache2: ")
 	tag := "apache2"
 
-	s.assertTag(c, tag, buff, len(buff), nil)
+	s.assertTag(c, tag, "", buff, len(buff), nil)
 }
 
 func (s *Rfc3164TestSuite) TestParseTag_NoTag(c *C) {
 	buff := []byte("apache2")
 	tag := ""
 
-	s.assertTag(c, tag, buff, 0, nil)
+	s.assertTag(c, tag, "", buff, 0, nil)
 }
 
 func (s *Rfc3164TestSuite) TestParseContent_Valid(c *C) {
@@ -305,7 +311,7 @@ func (s *Rfc3164TestSuite) BenchmarkParseTag(c *C) {
 	p := NewParser(buff)
 
 	for i := 0; i < c.N; i++ {
-		_, err := p.parseTag()
+		_, _, err := p.parseTag()
 		if err != nil {
 			panic(err)
 		}
@@ -352,10 +358,11 @@ func (s *Rfc3164TestSuite) assertTimestamp(c *C, ts time.Time, b []byte, expC in
 	c.Assert(err, Equals, e)
 }
 
-func (s *Rfc3164TestSuite) assertTag(c *C, t string, b []byte, expC int, e error) {
+func (s *Rfc3164TestSuite) assertTag(c *C, t string, pid string, b []byte, expC int, e error) {
 	p := NewParser(b)
-	obtained, err := p.parseTag()
+	obtained, obtainedPid, err := p.parseTag()
 	c.Assert(obtained, Equals, t)
+	c.Assert(obtainedPid, Equals, pid)
 	c.Assert(p.cursor, Equals, expC)
 	c.Assert(err, Equals, e)
 }