like this?
[2018-07-30T14:23:50,561][DEBUG][o.e.a.b.TransportShardBulkAction] [logstash-genesys-2018.07.30][0] failed to execute bulk item (index) BulkShardRequest [[logstash-genesys-2018.07.30][0]] containing [index {[logstash-genesys-2018.07.30][doc][9ZUl62QBiUbzVMJLCngf], source[{"port":60020,"domain":"hosting.corp","tags":["app-Genesys"],"@version":"1","m":{"application":"","supportgroup":"","serviceimpact":"","servicecomponent":"","service":"","devicetype":["WINDOWS Server"],"customer":["Achmea.GITS"],"cmz":"","infrastructure":"","location":"","bubble":""},"SourceModuleName":"inx_license_usage_in","@timestamp":"2018-07-30T12:23:50.267Z","severity":"","hostname":"aisrv61721","original":"{"EventReceivedTime":"2018-07-30 14:23:50","SourceModuleName":"inx_license_usage_in","SourceModuleType":"im_file","Time":"2018-07-30T14:23:49.999","AgentSeatUsage":"3","AgentSeatTotal":"1120","EmailUsage":"1","EmailTotal":"480","ChatUsage":"1","ChatTotal":"120","SMSUsage":"0","SMSTotal":"0","OpenMediaUsage":"0","OpenMediaTotal":"520","Hostname":"aisrv61721.hosting.corp","Environment":"test","InxLicenseUsage":"INX Current license usage","Message":"2018-07-30T14:23:49.999 Trc 55017 Current license usage: agent seat: 3/1120, email: 1/480, chat: 1/120, SMS: 0/0, open media: 0/520","tags":"app-Genesys"}\r","c":{"emailtot
":{"license":{"ChatTotal":"120","SMSUsage":"0","OpenMediaTotal":"520","OpenMediaUsage":"0","EmailTotal":"480","ChatUsage":"1","AgentSeatUsage":"3","Environment":"test","AgentSeatTotal":"1120","SMSTotal":"0","EmailUsage":"1"}}},"fqdn":"aisrv61721.hosting.corp","d":{"severity":{"debug":0,"notice":0,"informational":0,"warning":0,"emergency":0,"error":0,"critical":0,"alert":0}},"type":"nxlog","message":"2018-07-30T14:23:49.999 Trc 55017 Current license usage: agent seat: 3/1120, email: 1/480, chat: 1/120, SMS: 0/0, open media: 0/520"}]}]
org.elasticsearch.index.mapper.MapperParsingException: failed to parse [c.customer.license]
at org.elasticsearch.index.mapper.FieldMapper.parse(FieldMapper.java:302) ~[elasticsearch-6.2.1.jar:6.2.1]
.......................
at org.elasticsearch.xpack.security.transport.SecurityServerTransportInterceptor$ProfileSecuredRequestHandler.lambda$messageReceived$0(SecurityServerTransportInterceptor.java:307) ~[?:?]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:60) ~[elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.transport.ServerTransportFilter$NodeProfile.lambda$inbound$2(ServerTransportFilter.java:166) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.maybeRun(AuthorizationUtils.java:183) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.setRunAsRoles(AuthorizationUtils.java:177) ~[?:?]
at org.elasticsearch.xpack.security.authz.AuthorizationUtils$AsyncAuthorizer.authorize(AuthorizationUtils.java:165) ~[?:?]
at org.elasticsearch.xpack.security.transport.ServerTransportFilter$NodeProfile.lambda$inbound$3(ServerTransportFilter.java:168) ~[?:?]
at org.elasticsearch.action.ActionListener$1.onResponse(ActionListener.java:60) ~[elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$authenticateAsync$2(AuthenticationService.java:184) ~[x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lambda$lookForExistingAuthentication$4(AuthenticationService.java:217) ~[x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.lookForExistingAuthentication(AuthenticationService.java:228) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.authenticateAsync(AuthenticationService.java:182) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService$Authenticator.access$000(AuthenticationService.java:143) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.authc.AuthenticationService.authenticate(AuthenticationService.java:113) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.transport.ServerTransportFilter$NodeProfile.inbound(ServerTransportFilter.java:142) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.xpack.security.transport.SecurityServerTransportInterceptor$ProfileSecuredRequestHandler.messageReceived(SecurityServerTransportInterceptor.java:314) [x-pack-security-6.2.1.jar:6.2.1]
at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:66) [elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.transport.TransportService$7.doRun(TransportService.java:656) [elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.common.util.concurrent.ThreadContext$ContextPreservingAbstractRunnable.doRun(ThreadContext.java:635) [elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37) [elasticsearch-6.2.1.jar:6.2.1]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_151]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_151]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_151]
Caused by: java.lang.IllegalStateException: Can't get text on a START_OBJECT at 1:1128
at org.elasticsearch.common.xcontent.json.JsonXContentParser.text(JsonXContentParser.java:85) ~[elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.common.xcontent.support.AbstractXContentParser.textOrNull(AbstractXContentParser.java:237) ~[elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.index.mapper.KeywordFieldMapper.parseCreateField(KeywordFieldMapper.java:315) ~[elasticsearch-6.2.1.jar:6.2.1]
at org.elasticsearch.index.mapper.FieldMapper.parse(FieldMapper.java:297) ~[elasticsearch-6.2.1.jar:6.2.1]
... 65 more