Parse json format logagregator logs in logstash

I would break the line up using dissect, then use a json filter.

dissect { mapping => { "message" => "<%{pri}>%{f1} %{ts} [%{f2}] %{f3} ,%{[@metadata][json]}" } }
json { source => "[@metadata][json]" }