tl;dr: the `.*` at the beginning of your outer if-statement pattern is too greedy; it captures the whole string (including any `-p,` sequence) up until a newline, so the next character sequence will never be a literal hyphen (`-`).

Your outer check pattern should be `/ -[pP], /` (note the literal spaces on either side and the absence of other patterns).
While attempting to come up with a solution, I improved your pattern a bit, and got to a point where I could reliably capture passwords without changing the case of the preceding p/P (not sure if this matters for you):
```
(?<= -[pP], )[^,]*
```
In the pipeline config, this becomes:
```
filter {
  mutate {
    gsub => ["[check_result][command]", "(?<= -[pP], )[^,]*", "FILTERED_PASSWORD"]
  }
}
```
By using a positive lookbehind assertion of `-[pP],`, we can capture sequences that are preceded by this pattern without including it in our match, and since the `-p,` or `-P,` isn't part of the match, we don't have to worry about replacing it.
Which brings me to: EDGE CASES
What if a password includes a literal comma? Will this end up leaking everything after that literal comma into your logs?
If your producer handles literal commas in passwords by escaping them (e.g., by prefixing them with a backslash), the following would ensure we capture the whole password:
```
(?<= -[pP], )(?:\\,|[^,])*
```
In our repeated match, we either capture a literal-backslash-literal-comma sequence, or anything-but-a-comma.
If your producer does not escape literal commas, the following pattern would be a bit better, as it only breaks the capture once it encounters either a literal-comma-literal-space sequence or EOL by moving the break pattern into a positive-lookahead clause and making the repeat operator less greedy:
```
(?<= -[pP], ).+?(?=, |$)
```
I tested the above pattern with the following command lines, and it seems to handle the edge-cases well.
```
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!dH=VlM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!d,H=VlM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!dH=V,lM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=V,lM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=VlM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, ,Xkaw*!dH=VlM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=VlM@,
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -P, Xkaw*!dH=VlM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -P, Xkaw*!d,H=VlM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -P, Xkaw*!dH=V,lM@, -u, monitoring
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -P, Xkaw*!dH=V,lM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -P, Xkaw*!dH=VlM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -P, ,Xkaw*!dH=VlM@
/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -P, Xkaw*!dH=VlM@,
```
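The following is an added, stand-alone regression check for the patterns in the answer above; it is not part of the original post. It runs the three patterns over the same sample command lines with Ruby's `String#gsub` and reports which lines still leak a fragment of the (made-up) secret. The one assumption is that Logstash's `mutate`/`gsub` filter applies Ruby regex semantics (Logstash runs on JRuby), so a pattern that passes here should behave the same in the pipeline; the `redacted?` helper and the `SECRET_FRAGMENTS` check are mine, not Logstash's.

```ruby
# Added example, not part of the original answer: runs the answer's three
# patterns over its sample command lines with Ruby's String#gsub.
# Assumption: Logstash's mutate/gsub filter uses Ruby regex semantics
# (Logstash runs on JRuby), so results here should match the pipeline.

REPLACEMENT = "FILTERED_PASSWORD".freeze

# First attempt from the answer: stops at the first comma, so a password
# that contains a comma leaks its tail into the log.
PATTERN_NAIVE = /(?<= -[pP], )[^,]*/

# For producers that escape a literal comma in the password as "\,".
PATTERN_ESCAPED = /(?<= -[pP], )(?:\\,|[^,])*/

# For producers that do not escape: consume lazily until ", " or end of line.
PATTERN_UNESCAPED = /(?<= -[pP], ).+?(?=, |$)/

# Equivalent of  mutate { gsub => ["[check_result][command]", pattern, REPLACEMENT] }
def filter_command(command, pattern = PATTERN_UNESCAPED)
  command.gsub(pattern, REPLACEMENT)
end

# Constructed secret value (the same made-up one as in the answer's samples).
# Every variant below keeps these two fragments, so they are what we look for.
SECRET_FRAGMENTS = ["Xkaw*!d", "lM@"].freeze

# Constructed sample lines: the "-p" cases from the answer.
P_LOWER_COMMANDS = [
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!dH=VlM@, -u, monitoring",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!d,H=VlM@, -u, monitoring",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!dH=V,lM@, -u, monitoring",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=V,lM@",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=VlM@",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, ,Xkaw*!dH=VlM@",
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -u monitoring -p, Xkaw*!dH=VlM@,",
].freeze

# The "-P" variants in the answer are the same lines with the flag upper-cased.
SAMPLE_COMMANDS = (P_LOWER_COMMANDS +
                   P_LOWER_COMMANDS.map { |c| c.sub(" -p, ", " -P, ") }).freeze

# A producer that escapes embedded commas would emit "\," (one backslash).
ESCAPED_COMMAND =
  "/usr/lib/nagios/plugins/check_mysql, -H, hostname.tld, -p, Xkaw*!d\\,H=VlM@, -u, monitoring".freeze

# True when the replacement marker is present, no fragment of the secret
# survives, and the non-secret arguments are left untouched.
def redacted?(command, pattern = PATTERN_UNESCAPED)
  filtered = filter_command(command, pattern)
  filtered.include?(REPLACEMENT) &&
    SECRET_FRAGMENTS.none? { |frag| filtered.include?(frag) } &&
    filtered.include?("check_mysql, -H, hostname.tld") &&
    filtered.include?("monitoring")
end

# Count how many sample lines each pattern redacts completely.
def report(commands = SAMPLE_COMMANDS)
  {
    naive: commands.count { |c| redacted?(c, PATTERN_NAIVE) },
    unescaped: commands.count { |c| redacted?(c, PATTERN_UNESCAPED) },
  }
end

if $PROGRAM_NAME == __FILE__
  SAMPLE_COMMANDS.each do |c|
    puts "#{redacted?(c, PATTERN_NAIVE) ? 'OK  ' : 'LEAK'} #{filter_command(c, PATTERN_NAIVE)}"
  end
  p report
end
```

Running it prints one line per sample with the naive pattern applied, marking the comma-containing passwords as `LEAK`, and then the summary: the naive pattern fully redacts 6 of the 14 lines, the lazy `.+?(?=, |$)` pattern all 14. Swapping `PATTERN_UNESCAPED` for `PATTERN_ESCAPED` against `ESCAPED_COMMAND` shows the escaped-comma variant covering the whole `\,` sequence where the naive pattern stops at the backslash.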