Using the user_agent Processor in a Pipeline
editUsing the user_agent Processor in a Pipeline
editTable 3. User-agent options
| Name | Required | Default | Description |
|---|---|---|---|
|
yes |
- |
The field containing the user agent string. |
|
no |
user_agent |
The field that will be filled with the user agent details. |
|
no |
- |
The name of the file in the |
|
no |
[ |
Controls what properties are added to |
|
no |
|
If |
Here is an example that adds the user agent details to the user_agent field based on the agent field:
PUT _ingest/pipeline/user_agent
{
"description" : "Add user agent information",
"processors" : [
{
"user_agent" : {
"field" : "agent"
}
}
]
}
PUT my_index/_doc/my_id?pipeline=user_agent
{
"agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
}
GET my_index/_doc/my_id
Which returns
{
"found": true,
"_index": "my_index",
"_type": "_doc",
"_id": "my_id",
"_version": 1,
"_seq_no": 22,
"_primary_term": 1,
"_source": {
"agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
"user_agent": {
"name": "Chrome",
"major": "51",
"minor": "0",
"patch": "2704",
"os_name": "Mac OS X",
"os": "Mac OS X 10.10.5",
"os_major": "10",
"os_minor": "10",
"device": "Other"
}
}
}
Using a custom regex file
editTo use a custom regex file for parsing the user agents, that file has to be put into the config/ingest-user-agent directory and
has to have a .yaml filename extension. The file has to be present at node startup, any changes to it or any new files added
while the node is running will not have any effect.
In practice, it will make most sense for any custom regex file to be a variant of the default file, either a more recent version or a customised version.
The default file included in ingest-user-agent is the regexes.yaml from uap-core: https://github.com/ua-parser/uap-core/blob/master/regexes.yaml