User agent
Fields to describe a browser user_agent string.
Fields
Field Summary
| Field | Type | Level | Description |
|---|---|---|---|
user_agent.device.name | keyword | Extended | Name of the device. |
user_agent.name | keyword | Extended | Name of the user agent. |
user_agent.original | keyword | Extended | Unparsed user_agent string. |
user_agent.original.text | match_only_text | Extended | Unparsed user_agent string. |
user_agent.os.family | keyword | Extended | OS family (such as redhat, debian, freebsd, windows). |
user_agent.os.full | keyword | Extended | Operating system name, including the version or code name. |
user_agent.os.full.text | match_only_text | Extended | Operating system name, including the version or code name. |
user_agent.os.kernel | keyword | Extended | Operating system kernel version as a raw string. |
user_agent.os.name | keyword | Extended | Operating system name, without the version. |
user_agent.os.name.text | match_only_text | Extended | Operating system name, without the version. |
user_agent.os.platform | keyword | Extended | Operating system platform (such centos, ubuntu, windows). |
user_agent.os.type | keyword | Extended | Which commercial OS family (one of: linux, macos, unix or windows). |
user_agent.os.version | keyword | Extended | Operating system version as a raw string. |
user_agent.version | keyword | Extended | Version of the user agent. |
Field Details
user_agent.device.name
Type: keyword
Level: Extended
Description: Name of the device.
Example: iPhone
Indexed: true
user_agent.name
Type: keyword
Level: Extended
Description: Name of the user agent.
Example: Safari
Indexed: true
user_agent.original
Type: keyword
Level: Extended
Description: Unparsed user_agent string.
Example: Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Indexed: true
user_agent.original.text
Type: match_only_text
Level: Extended
Description: Unparsed user_agent string.
Example: Mozilla/5.0 (iPhone; CPU iPhone OS 12_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0 Mobile/15E148 Safari/604.1
Indexed: true
user_agent.os.family
Type: keyword
Level: Extended
Description: OS family (such as redhat, debian, freebsd, windows).
Example: debian
Indexed: true
user_agent.os.full
Type: keyword
Level: Extended
Description: Operating system name, including the version or code name.
Example: Mac OS Mojave
Indexed: true
user_agent.os.full.text
Type: match_only_text
Level: Extended
Description: Operating system name, including the version or code name.
Example: Mac OS Mojave
Indexed: true
user_agent.os.kernel
Type: keyword
Level: Extended
Description: Operating system kernel version as a raw string.
Example: 4.4.0-112-generic
Indexed: true
user_agent.os.name
Type: keyword
Level: Extended
Description: Operating system name, without the version.
Example: Mac OS X
Indexed: true
user_agent.os.name.text
Type: match_only_text
Level: Extended
Description: Operating system name, without the version.
Example: Mac OS X
Indexed: true
user_agent.os.platform
Type: keyword
Level: Extended
Description: Operating system platform (such centos, ubuntu, windows).
Example: darwin
Indexed: true
user_agent.os.type
Type: keyword
Level: Extended
Description: Which commercial OS family (one of: linux, macos, unix or windows).
Example: macos
Indexed: true
user_agent.os.version
Type: keyword
Level: Extended
Description: Operating system version as a raw string.
Example: 10.14.1
Indexed: true
user_agent.version
Type: keyword
Level: Extended
Description: Version of the user agent.
Example: 12.0
Indexed: true