Repeated values with mutate filter in nested json output


(Francisco Carrillo) #1

I have the following input log:
.... proto=6 source=10.13.30.47 ....

I need the following output in json:

"data": {
    "key1": {
        "src": "10.13.30.47",
        "proto": 6
    },
    "key2": {
        "src": "10.13.30.47",
        "proto": 6
    }
}

I used the mutate filter to do this:

mutate {
    rename => { "proto" => "[data][key1][proto]" }
    rename => { "proto" => "[data][key2][proto]" }
    rename => { "source" => "[data][key1][src]" }
    rename => { "source" => "[data][key2][src]" }
}

But when I use Logstash with this configuration, the console output is:

{
    "\"":
    {
        "data":
        {
            "key1":
            {
                "proto":
                {
                    "\", \"":
                    {
                        "data":
                        {
                            "key2":
                            {
                                "proto":
                                {
                                    "\"": "6"
                                }
                            }
                        }
                    }
                },
                "src":
                {
                    "\", \"":
                    {
                        "data":
                        {
                            "key2":
                            {
                                "src":
                                {
                                    "\"": "10.13.30.47"
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}

(Magnus Bäck) #2

I can't explain this behavior, but trying to rename the same field multiple times doesn't seem like a good idea to me. I'd try this:

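# Copy the values under key1 first; the field is named "source" in the input log.
mutate {
  add_field => {
    "[data][key1][proto]" => "%{proto}"
    "[data][key1][src]" => "%{source}"
  }
}
# Then move the original fields under key2.
mutate {
  rename => {
    "proto" => "[data][key2][proto]"
    "source" => "[data][key2][src]"
  }
}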
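
A complete pipeline for the same goal, as an added example that is not part of the original thread. It assumes the line is parsed with the `kv` filter and that the installed mutate plugin supports the `copy` option; it also converts `proto` to an integer, because `kv` and `%{...}` references produce strings while the requested JSON has a number.

```logstash
input { stdin { } }

filter {
  # Assumption: the log line is plain key=value text, e.g. "proto=6 source=10.13.30.47".
  # kv splits on spaces and "=" by default and creates top-level string fields.
  kv { }

  # Convert before duplicating so that both copies carry an integer, not "6".
  mutate {
    convert => { "proto" => "integer" }
  }

  # Duplicate the values under key1. copy keeps the value's type,
  # unlike add_field with "%{proto}", which always yields a string.
  mutate {
    copy => {
      "proto"  => "[data][key1][proto]"
      "source" => "[data][key1][src]"
    }
  }

  # Move the originals under key2, so no top-level proto/source remains.
  # Each source field is renamed exactly once, in a single rename hash.
  mutate {
    rename => {
      "proto"  => "[data][key2][proto]"
      "source" => "[data][key2][src]"
    }
  }
}

output { stdout { codec => json_lines } }
```

The three mutate blocks are kept separate on purpose: within one mutate block the operations run in the plugin's fixed internal order, not in the order they are written.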

(Francisco Carrillo) #3

Thank you, that solves the problem for me, thank you very much.

