How do I send an event to splunk using the splunk_hec_logs sink but keep metadata as metadata?

[bcronrath]

What I mean is, if I have an input that sends something like:
{
"event":"bunch of log data here",
"index":"index here",
"sourcetype":"sourcetype here"
}
How do I get it so the index and sourcetype and only sent as metadata, and not part of the event itself that makes it into the splunk event? For example, using one of splunk docs examples:

curl "https://mysplunkserver.example.com:8088/services/collector?channel=00872DC6-AC83-4EDE-8AFE-8413C3825C4C"
-H "Authorization: Splunk CF179AE4-3C99-45F5-A7CC-3284AA91CF67"
-d '{"event": "Hello, world!", "sourcetype": "manual"}'

This would show up in splunk just as "hello, world!" and the metadata for sourcetype would be set to "manual", but if I send this through the vector splunk_hec_logs sink, I would get an event that is literally that whole json blob {"event": "Hello, world!", "sourcetype": "manual"}