honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/docs/reference/ingest/processors/user-agent.asciidoc

99 lines
4.7 KiB
Plaintext
Raw Normal View History

Fix ingest cross-doc links This commit fixes some cross-doc links from the old ingest plugins page to the new ingest processor pages that arose after converting ingest-geoip and ingest-user-agent to modules.
2018-12-22 20:51:18 -05:00
[[user-agent-processor]]
Fix titles of GeoIP and User Agent processor docs This commit makes the titles of the new GeoIP and User Agent processor docs look more like the titles of the docs for other processors.
2018-12-22 20:31:07 -05:00
=== User Agent processor
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
The `user_agent` processor extracts details from the user agent string a browser sends with its web requests.
This processor adds this information by default under the `user_agent` field.
The ingest-user-agent module ships by default with the regexes.yaml made available by uap-java with an Apache 2.0 license. For more details see https://github.com/ua-parser/uap-core.
[[using-ingest-user-agent]]
==== Using the user_agent Processor in a Pipeline
[[ingest-user-agent-options]]
.User-agent options
[options="header"]
|======
| Name | Required | Default | Description
| `field` | yes | - | The field containing the user agent string.
| `target_field` | no | user_agent | The field that will be filled with the user agent details.
| `regex_file` | no | - | The name of the file in the `config/ingest-user-agent` directory containing the regular expressions for parsing the user agent string. Both the directory and the file have to be created before starting Elasticsearch. If not specified, ingest-user-agent will use the regexes.yaml from uap-core it ships with (see below).
| `properties` | no | [`name`, `major`, `minor`, `patch`, `build`, `os`, `os_name`, `os_major`, `os_minor`, `device`] | Controls what properties are added to `target_field`.
| `ignore_missing` | no | `false` | If `true` and `field` does not exist, the processor quietly exits without modifying the document
Make 7.x like 6.7 user agent ecs, but default to true (#38828) Forward port of https://github.com/elastic/elasticsearch/pull/38757 This change reverts the initial 7.0 commits and replaces them with the 6.7 variant that still allows for the ecs flag. This commit differs from the 6.7 variants in that ecs flag will now default to true. 6.7: `ecs` : default `false` 7.x: `ecs` : default `true` 8.0: no option, but behaves as `true` * Revert "Ingest node - user agent, move device to an object (#38115)" This reverts commit 5b008a34aa3c07e37b12b415d3c22a44da491329. * Revert "Add ECS schema for user-agent ingest processor (#37727) (#37984)" This reverts commit cac6b8e06f051d68919faf6081f1c87fa5b6757d. * cherry-pick 5dfe1935345da3799931fd4a3ebe0b6aa9c17f57 Add ECS schema for user-agent ingest processor (#37727) * cherry-pick ec8ddc890a34853ee8db6af66f608b0ad0cd1099 Ingest node - user agent, move device to an object (#38115) (#38121) * cherry-pick f63cbdb9b426ba24ee4d987ca767ca05a22f2fbb (with manual merge fixes) Dep. check for ECS changes to User Agent processor (#38362) * make true the default for the ecs option, and update 7.0 references and tests
2019-02-13 11:28:01 -05:00
| `ecs` | no | `true` | Whether to return the output in Elastic Common Schema format. NOTE: This setting is deprecated and will be removed in a future version.
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
|======
Here is an example that adds the user agent details to the `user_agent` field based on the `agent` field:
[DOCS] Change // CONSOLE comments to [source,console] (#46441) (#46451)
2019-09-06 11:31:13 -04:00
[source,console]
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
--------------------------------------------------
PUT _ingest/pipeline/user_agent
{
"description" : "Add user agent information",
"processors" : [
{
"user_agent" : {
"field" : "agent"
}
}
]
}
PUT my_index/_doc/my_id?pipeline=user_agent
{
"agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
}
GET my_index/_doc/my_id
--------------------------------------------------
Which returns
[DOCS] [5 of 5] Change // TESTRESPONSE comments to [source,console-results] (#46449) (#46459)
2019-09-06 16:09:09 -04:00
[source,console-result]
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
--------------------------------------------------
{
"found": true,
"_index": "my_index",
"_type": "_doc",
"_id": "my_id",
"_version": 1,
"_seq_no": 22,
"_primary_term": 1,
"_source": {
"agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
"user_agent": {
"name": "Chrome",
Add ECS schema for user-agent ingest processor (#37727) (#37984) * Add ECS schema for user-agent ingest processor (#37727) This switches the format of the user agent processor to use the schema from [ECS](https://github.com/elastic/ecs). So rather than something like this: ``` { "patch" : "3538", "major" : "70", "minor" : "0", "os" : "Mac OS X 10.14.1", "os_minor" : "14", "os_major" : "10", "name" : "Chrome", "os_name" : "Mac OS X", "device" : "Other" } ``` The structure is now like this: ``` { "name" : "Chrome", "original" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36", "os" : { "name" : "Mac OS X", "version" : "10.14.1", "full" : "Mac OS X 10.14.1" }, "device" : "Other", "version" : "70.0.3538.102" } ``` This is now the default for 7.0. The deprecated `ecs` setting in 6.x is not supported. Resolves #37329 * Remove `ecs` setting from docs
2019-01-30 13:24:18 -05:00
"original": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36",
update ingest-user-agent regexes.yml (#47807) This new regexes are from: https://github.com/ua-parser/uap-core/blob/154eba17f5a88a416f85d507ecd7c3a3af6f3739/regexes.yaml
2019-10-18 10:14:45 -04:00
"version": "51.0.2704.103",
Add ECS schema for user-agent ingest processor (#37727) (#37984) * Add ECS schema for user-agent ingest processor (#37727) This switches the format of the user agent processor to use the schema from [ECS](https://github.com/elastic/ecs). So rather than something like this: ``` { "patch" : "3538", "major" : "70", "minor" : "0", "os" : "Mac OS X 10.14.1", "os_minor" : "14", "os_major" : "10", "name" : "Chrome", "os_name" : "Mac OS X", "device" : "Other" } ``` The structure is now like this: ``` { "name" : "Chrome", "original" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36", "os" : { "name" : "Mac OS X", "version" : "10.14.1", "full" : "Mac OS X 10.14.1" }, "device" : "Other", "version" : "70.0.3538.102" } ``` This is now the default for 7.0. The deprecated `ecs` setting in 6.x is not supported. Resolves #37329 * Remove `ecs` setting from docs
2019-01-30 13:24:18 -05:00
"os": {
"name": "Mac OS X",
"version": "10.10.5",
"full": "Mac OS X 10.10.5"
},
Ingest node - user agent, move device to an object (#38115) When the ingest node user agent parses the device field, it will result in a string value. To match the ecs schema this commit moves the value of the parsed device to an object with an inner field named 'name'. There are not any passivity concerns since this modifies an unreleased change. closes #38094 relates #37329
2019-01-31 14:54:34 -05:00
"device" : {
"name" : "Other"
},
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
}
}
}
--------------------------------------------------
// TESTRESPONSE[s/"_seq_no": \d+/"_seq_no" : $body._seq_no/ s/"_primary_term": 1/"_primary_term" : $body._primary_term/]
===== Using a custom regex file
To use a custom regex file for parsing the user agents, that file has to be put into the `config/ingest-user-agent` directory and
[DOCS] Correct required file ext for user agent ingest processor (#48688) For the user agent ingest processor, custom regex files must end with the `.yml` file extension. This corrects the docs which said the `.yaml` extension was required.
2019-10-30 11:10:35 -04:00
has to have a `.yml` filename extension. The file has to be present at node startup, any changes to it or any new files added
Package ingest-user-agent as a module (#36956) This commit moves ingest-user-agent from being a plugin to being a module that is packaged with Elasticsearch distributions.
2018-12-22 20:20:53 -05:00
while the node is running will not have any effect.
In practice, it will make most sense for any custom regex file to be a variant of the default file, either a more recent version
or a customised version.
The default file included in `ingest-user-agent` is the `regexes.yaml` from uap-core: https://github.com/ua-parser/uap-core/blob/master/regexes.yaml
Expose cache setting in UserAgentPlugin (#46533) The setting was not registered. Also documentation has been added.
2019-09-16 05:29:59 -04:00
[[ingest-user-agent-settings]]
===== Node Settings
The `user_agent` processor supports the following setting:
`ingest.user_agent.cache_size`::
The maximum number of results that should be cached. Defaults to `1000`.
Note that these settings are node settings and apply to all `user_agent` processors, i.e. there is one cache for all defined `user_agent` processors.