Autonomous System Number (ASN) not displaying

I have an index that I've created that follows the ECS standard. Within the index I have the source.as.* and destination.as.* fields that are populated using the GeoLite2ASN database. The fields are being populated in the index, but the network section of SIEM doesn't display them. Neither the main page nor the drilled-down view of the IP shows this information. I verified with the "inspect" feature that I am populating the right fields. This is on version 7.4.0 if that matters.

Here's a sample that doesn't show the ASN in SIEM, but does show in searches. Any ideas what I might be missing/doing incorrectly?

{
  "source": {
    "ip": "192.168.1.1",
    "interface": "X16",
    "mac": "00:00:00:00:00:00",
    "bytes": 119311,
    "port": "62190"
  },
  "agent": {
    "type": "logstash",
    "name": "vDEVLOG1"
  },
  "observer": {
    "type": "firewall",
    "ip": "1.1.1.1",
    "serial_number": "NA",
    "vendor": "unknown"
  },
  "message": "%{[message][1]}",
  "destination": {
    "port": "443",
    "as": {
      "asn": 46489,
      "as_org": "Twitch Interactive Inc.",
      "ip": "52.223.226.232"
    },
    "interface": "X5",
    "ip": "52.223.226.232",
    "geo": {
      "location": {
        "lat": 47.6348,
        "lon": -122.3451
      },
      "longitude": -122.3451,
      "country_code3": "US",
      "postal_code": "98109",
      "region_code": "WA",
      "continent_code": "NA",
      "city_name": "Seattle",
      "ip": "52.223.226.232",
      "latitude": 47.6348,
      "dma_code": 819,
      "region_name": "Washington",
      "country_code2": "US",
      "timezone": "America/Los_Angeles",
      "country_name": "United States"
    },
    "bytes": 17384244,
    "mac": "40:a6:e8:5f:ba:d6"
  },
  "network": {
    "protocol": "https",
    "transport": "tcp",
    "bytes": 17503555
  },
  "host": {
    "ip": "192.168.1.1"
  },
  "url": {
    "domain": "video-edge-eddcc8.ord02.abs.hls.ttvnw.net",
    "path": "/v1/"
  },
  "@version": "1",
  "id": "a-fw",
  "tags": [
    "syslog",
    "unknown",
    "privateip_source"
  ],
  "@timestamp": "2019-10-31T23:00:02.000Z",
  "_index": "syslog-1.0-000028",
  "_type": "_doc",
  "_id": "aKUMJG4B3alxQ_lAFsNy",
  "_score": 1
}

The destination.as.* fields you have populated are not what is defined in Elastic Common Schema. See https://www.elastic.co/guide/en/ecs/current/ecs-as.html.

You'll want to have a destination.as.number and destination.as.organization.name.

Here's an example you can follow for your Ingest Node pipeline.

It's in YAML, but you can convert it to JSON with https://www.json2yaml.com/.

That would make sense. I'm guessing the easiest way to accomplish this would be to use the mutate rename filter in Logstash?
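As an added illustration (not code from this thread or from Elastic), here is what the mutate rename approach asked about above looks like as a Logstash filter block. It assumes the geoip filter has already run with the GeoLite2-ASN database and written its asn / as_org / ip fields under [source][as] and [destination][as], exactly the layout shown in the sample document; the field names on the right-hand side are the ECS ones from the ecs-as page linked in the first reply.

```logstash
# Added example, not from the original thread: rename the GeoLite2-ASN output
# fields (asn, as_org) into their ECS equivalents so SIEM's network views can
# find them. Assumes geoip already populated [source][as] and [destination][as].
filter {
  mutate {
    rename => {
      "[source][as][asn]"         => "[source][as][number]"
      "[source][as][as_org]"      => "[source][as][organization][name]"
      "[destination][as][asn]"    => "[destination][as][number]"
      "[destination][as][as_org]" => "[destination][as][organization][name]"
    }
    # The ASN lookup also copies the looked-up address under as.ip, which is not
    # an ECS field; drop it so the document stays strictly ECS-shaped.
    remove_field => [ "[source][as][ip]", "[destination][as][ip]" ]
  }
}
```

Rename is a no-op for events where a field is absent, so the block is safe on events that only carry one side (for example the private-source events tagged privateip_source in the sample). Also check the index template: ECS maps as.number as long and as.organization.name as keyword, and a field that is renamed correctly but mapped differently will still not be picked up.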
