How to parse elastic audit.json log file

how to parse elastic audit.json and seperate each field
i used json plugin but got some bad parsing
can you send me a filter to parse it.

You may use kv (key-value)plugin?

filter {
  kv {
    source => "message"
    field_split => ","
    value_split => "="

or maybe dissect plugin?

filter {
  dissect {
    mapping => {
      "message" => "%{[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{+[@metadata][timestamp]} %{[@metadata][user]} %{[@metadata][action]} %{[@metadata][index]} %{[@metadata][shard]} %{[@metadata][node]} %{[@metadata][reason]} %{[@metadata][state]}"
    remove_field => ["message"]

hi murat
i want to remove highlighted fields in the picture

this is my filter