I have a field with name event.action.arguments in logs. There are the numbers of subfield under event.action.arguments.
eg:
{
"event": {
"action": {
"arguments": {
"First_argument": {
"1st_sub": 123,
"2nd_sub": "abc",
"3rd_sub": "def",
"4th_sub": "ghi",
"5th_sub": "pqr",
"6th_sub": "xyz"
},
"Second_argument": {
"1st_sub": 123,
"2nd_sub": "abc",
"3rd_sub": "def",
"4th_sub": "ghi",
"5th_sub": "pqr",
"6th_sub": "xyz"
}
}
}
}
}
I want to store entire content from event.action.arguments into single string in event.action.arguments_string. In this way, I will have all the arguments as one field in Elastic.