Event.Module (Auditd) for Auditbeat

Am trying to monitor logs in with Auditbeat version 7.4. specifically the auditd module.I have created a yml file to send send the logs to logstash. please how do I extract the time and date of each event in the auditd module.
I tried this code

auditbeat.modules:
- module: auditd
  log:
    enabled: true
  ...
  processors:
    - date:
        field: event.timestamp
        target_field: custom_timestamp
        formats:
          - 'UNIX'
        timezone: 'UTC

but it did not work out because the date pre-processor does not exist. Do I have to create one and if yes how do I do it.

Thanks once more for you fast response

What are you trying to accomplish?

The timestamp of the event is stored in the @timestamp field and does not need to be processed as it is already a valid time object internally.

• Base Fields | Elastic Common Schema (ECS) Reference [8.11] | Elastic
• Define processors | Auditbeat Reference [8.11] | Elastic

Hi Andrew,
Thanks for your quick response
the auditd module unlike system module has no timestamp like "event.start" or "event.end" field. The @timestamp is the one built in by logstash. For the auditd logs the "msg" has the time component as shown

type=SYSCALL msg=audit(1234874638.599:5207): arch=c000003e syscall=2 
success=yes exit=4 a0=62fb60 a1=0 a2=31 a3=0 items=1 ppid=25400 pid

How do i extract this component and include it under the processor in the yml file configuration file of Auditbeat modules.