Try this run anywhere search

| makeresults 
| eval data="{'job_no':'1','begin_build_time':'2019-08-15 11:00:00','event_type':'staging'} | {'job_no':'1','end_build_time':'2019-08-15 11:10:00','event_type':'staging'}" 
| makemv data delim="|" 
| mvexpand data 
| table data 
| rex field="data" "'job_no':'(?<job_no>[^\']+)','(begin_build_time':'(?<begin_build_time>[^\']+)|end_build_time':'(?<end_build_time>[^\']+))','event_type':'(?<type>[^\']+)'"| eval begin_build_time=strptime(begin_build_time,"%Y-%m-%d %H:%M:%S"),end_build_time=strptime(end_build_time,"%Y-%m-%d %H:%M:%S") 
| stats values(begin_build_time) as begin_build_time values(end_build_time) as end_build_time by type job_no
| eval time_diff_in_min=round((end_build_time-begin_build_time)/60)

In your env, you should try

index=<your_index>
| rex field=_raw "'job_no':'(?<job_no>[^\']+)','(begin_build_time':'(?<begin_build_time>[^\']+)|end_build_time':'(?<end_build_time>[^\']+))','event_type':'(?<type>[^\']+)'"| eval begin_build_time=strptime(begin_build_time,"%Y-%m-%d %H:%M:%S"),end_build_time=strptime(end_build_time,"%Y-%m-%d %H:%M:%S") 
| stats values(begin_build_time) as begin_build_time values(end_build_time) as end_build_time by type job_no
| eval time_diff_in_min=round((end_build_time-begin_build_time)/60)