Logstash filters to analyze data

I would try something like

dissect { mapping => { "message" => "%{[@metadata][ts]}T%{}" } }
date { match => [ "[@metadata][ts]", "ISO8601" ] }
grok {
    break_on_match => false
    match => {
        "message" => [
            "Status : %{NUMBER:status} ",
            "Msisdn : %{NUMBER:msisdn} ",
            "Code : %{DATA:errorMessage}"
        ]
    }
}
if [status] == "0" { drop {} }