I have a shared cluster that ties into multiple client clusters and I'm trying to create a dashboard to show geo information from them all but in the table view the child fields under geoip such as geoip.country_name are not showing as individual fields. They show just as one { } block as in the screenshot. If I view it under the json tab, it looks correct. If I go to the original cluster, it is correct there under the table view. I have tried to refresh and recreate the index mappings but no change. Under the mappings this specific field has a type of unknown. I can do a search for these fields like geoip.country_name:"United States" but can't add specific fields to a table visualization.
Any suggestions to get this to map like regular fields?
