Hi,
In the documentation you can find :
If the event has field "somefield" == "hello" this filter, on success, would remove the field with name "foo_hello" if it is present.
If the field somefield do not exist, no field will be deleted.
In your case, something like this would be enough.
filter {
mutate {
remove_field => [ "agent.id", "cloud.account.id" ]
}
}
Cad.