mutate { add_field => [ "index_name", "cost_management" ] }
"reason"=>"Invalid index name [cost_management,cost_management-2021.03.16], must not contain the following characters [ , \", *, \\, <, |, ,, >, /, ?]", "index_uuid"=>"_na_", "index"=>"cost_management,cost_management-2021.03.16"}}}}
If that mutate gets executed twice, then [index_name] will be an array, which the code will present as "cost_management,cost_management".
You could avoid this by using
mutate { replace => { "index_name" => "cost_management" } }
but you should really try to find why it is getting executed twice, since that may mean other things are being done twice. For example, if you point path.config at a directory then it will concatenate all the files in the directory into a single configuration. If the directory contains my.conf and my.conf.bak then the contents of both are part of the configuration.