How Can i just get the message alert in mail showing only the  failed job example "Job=[ADM-FILENET-DLY]] " instead of the complete log.   Note: The Job names are dynamic 

My Current Alert Query :

index=*  host=*MYhost*    "*IN-RCMCO-DLY*"  OR  "*ADJ-RECERT-DLY*"  OR  *AD*-*Y*"   FAILED job_status2=FAILED OR status=FAILED OR status1=FAILED OR ExitCode=FAILED | rex field=_raw ".*status:\s\[(?P<status1>\S+)\]" | rex field=_raw "JOB\s(?P<job_status2>\w+)" |rex field=_raw "(exitCode=)(?<ExitCode>\w+)"
| eval _raw=substr(_raw, 1, 1500)
| table _time job_status2 status1 status ExitCode _raw

log 

22-08-28 18:01:31,323 INFO [main] c.l.b.listener.JobCompletionListener: :::::::::::::::BATCH JOB FAILED:::::::::::JobExecution: id=21099, version=1, startTime=Sun Aug 28 18:01:29 CDT 2022, endTime=Sun Aug 28 18:01:31 CDT 2022, lastUpdated=Sun Aug 28 18:01:29 CDT 2022, status=FAILED, exitStatus=exitCode=FAILED;exitDescription=com.ltss.fw.exception.ApplicationException: Error occured while processing appDocument: In catch block, exception stackTrace,job=[JobInstance: id=21099, version=0, Job=[ADM-FILENET-DLY]], jobParameters=[{chunkSize=null, skipLimit=null, commitInterval=null, time=1661727689449, asOfDate=1661662800000}]