So i got it :
With ruby filters i am scanning event and getting ID,name and level into an array, then i merge them with .zip api (big props to Magnus Baeck - here )
That was so easy - i decided to add one more field (level). 
Summary
ruby { code => "event.set('ID', event.get('message').scan(/(?<=ID:\s)\d+/) )" }
ruby { code => "event.set('name', event.get('message').scan(/[^;]+(?=;ID)/) )" }
ruby { code => "event.set('level', event.get('message').scan(/[^;]+(?=;[^;]*;ID)/) )" }
ruby { code => "event.set('Results', event.get('ID').zip(event.get('name'),event.get('level')).map! { |item| item[0] +'; '+ item[1] +'; '+ item[2] +';' } )" }
After ruby i just use split plugin for field "Results"
Summary
split {
field => "Results"
remove_field => [ "ID", "name", "level" ]
}
Logstash is amazing!