I am using a query below which gives me rules field

index=myindex| spath "Rules{}" output=rules |mvexpand rules
 | table device ip rules | rex field=rules "\:(?<rule_name>[^\,]+)\,(?<rule_result>[^\,]+)"

rules field has data like below:

{"name": "Abc Def - 123", "result": true}

Now i want these two to be spitted into two fields rules_name and rules_result