Move subarrays to document root

    ruby { code => 'event.get("[com][openexchange]").each { | k, v| event.set(k, v) }' }
    mutate { remove_field => [ "[com][openexchange]", "com" ] }