Nginx Fieldsedit

Module for parsing the Nginx log files.

nginx Fieldsedit

Fields from the Nginx log files.

access Fieldsedit

Contains fields for the Nginx access logs.

nginx.access.remote_ipedit

type: keyword

Client IP address.

nginx.access.user_nameedit

type: keyword

The user name used when basic authentication is used.

nginx.access.methodedit

type: keyword

example: GET

The request HTTP method.

nginx.access.urledit

type: keyword

The request HTTP URL.

nginx.access.http_versionedit

type: keyword

The HTTP version.

nginx.access.response_codeedit

type: long

The HTTP response code.

nginx.access.body_sent.bytesedit

type: long

format: bytes

The number of bytes of the server response body.

nginx.access.referreredit

type: keyword

The HTTP referrer.

nginx.access.agentedit

type: text

Contains the un-parsed user agent string. Only present if the user agent Elasticsearch plugin is not available or not used.

user_agent Fieldsedit

Contains the parsed User agent field. Only present if the user agent Elasticsearch plugin is available and used.

nginx.access.user_agent.deviceedit

type: keyword

The name of the physical device.

nginx.access.user_agent.majoredit

type: long

The major version of the user agent.

nginx.access.user_agent.minoredit

type: long

The minor version of the user agent.

nginx.access.user_agent.patchedit

type: long

The patch version of the user agent.

nginx.access.user_agent.nameedit

type: keyword

example: Chrome

The name of the user agent.

nginx.access.user_agent.osedit

type: keyword

The name of the operating system.

nginx.access.user_agent.os_majoredit

type: long

The major version of the operating system.

nginx.access.user_agent.os_minoredit

type: long

The minor version of the operating system.

nginx.access.user_agent.os_nameedit

type: keyword

The name of the operating system.

geoip Fieldsedit

Contains GeoIP information gathered based on the remote_ip field. Only present if the GeoIP Elasticsearch plugin is available and used.

nginx.access.geoip.continent_nameedit

type: keyword

The name of the continent.

nginx.access.geoip.country_iso_codeedit

type: keyword

Country ISO code.

nginx.access.geoip.locationedit

type: geo_point

The longitude and latitude.

error Fieldsedit

Contains fields for the Nginx error logs.

nginx.error.leveledit

type: keyword

Error level (e.g. error, critical).

nginx.error.pidedit

type: long

Process identifier (PID).

nginx.error.tidedit

type: long

Thread identifier.

nginx.error.connection_idedit

type: long

Connection identifier.

nginx.error.messageedit

type: text

The error message