The solution is actually so much simpler than I thought. Having the original log parsed and having the JSON in a field as string, I just need to parse this field and add the nested content back to it:
# Parse nested data in backend logs
<filter filter.app.backend.app_logs>
@type parser
key_name related_objects
hash_value_field related_objects
reserve_data true
reserve_time true
<parse>
@type json
</parse>
</filter>
That did the trick, now the logs are accepted again and I can do nested queries as expected.