HI, How to extract the field user, action and src_ip from the below event?

05/31/2017 11:59:52 PM
LogName=Application
SourceName=MSSQLSERVER
EventCode=18456
EventType=0
Type=Information
ComputerName=SQl34
User=NOT_TRANSLATED
Sid=S-1-5-7
SidType=0
TaskCategory=Logon
OpCode=None
RecordNumber=123
Keywords=Audit Failure, Classic
Message=Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'. Reason: Token-based server access validation failed with an infrastructure error. Check for previous errors. [CLIENT: 12.13.14.152]

05/31/2017 11:59:44 PM
LogName=Application
SourceName=MSSQLSERVER
EventCode=18454
EventType=0
Type=Information
ComputerName=SQL33
TaskCategory=Logon
OpCode=None
RecordNumber=151021016
Keywords=Audit Success, Classic
Message=Login succeeded for user 'KIRAN'. Connection made using SQL Server authentication. [CLIENT: 13.12.14.133]

I need to extract the field values

action
succeeded
failed

user
KIRAN
NT AUTHORITY\ANONYMOUS LOGON

src_ip
13.12.14.133
12.13.14.152