Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Adjust the output of user_agent processor to ECS, part 2 #38094

Closed
webmat opened this issue Jan 31, 2019 · 1 comment · Fixed by #38115
Closed

Adjust the output of user_agent processor to ECS, part 2 #38094

webmat opened this issue Jan 31, 2019 · 1 comment · Fixed by #38115
Assignees
@jakelandis
Labels
blocker >bug :Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP

Comments

@webmat
Copy link

webmat commented Jan 31, 2019

In requesting the adjustments to the user_agent processor (#37329), I made a mistake in one of the field's names.

The desired end result is actually the following:

{
  "name" : "Chrome",
  "original" : "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36",
  "os" : {
    "name" : "Mac OS X",
    "version" : "10.14.1",
    "full" : "Mac OS X 10.14.1"
  },
  "device" : {
    "name": "Other"
  },
  "version" : "70.0.3538.102"
}

Instead of requesting the above, I requested the field "device" as a leaf field (user_agent.device: "foo"). This of course leads to a mapping exception, when outputting the user_agent results in an ECS index.

This nesting of device.name under the object device is there in order to allow for other information about the device eventually (e.g. device.category, device.version, device.manufacturer).

Could we adjust the output of the device name to be at device.name, please?

Really sorry about this!
@webmat webmat added >bug :Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP labels Jan 31, 2019
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-core-features

@webmat webmat mentioned this issue Jan 31, 2019
Merged
@jakelandis jakelandis self-assigned this Jan 31, 2019
@webmat webmat mentioned this issue Jan 31, 2019
Merged
5 tasks
jakelandis added a commit to jakelandis/elasticsearch that referenced this issue Jan 31, 2019
@jakelandis
Ingest node - user agent, move device to an object
a31425e 
When the ingest node user agent parses the device field, it
will result in a string value. To match the ecs schema
this commit moves the value of the parsed device to an
object with an inner field named 'name'. There are not
any passivity concerns since this modifies an unreleased change.

closes elastic#38094
relates elastic#37329
@jakelandis jakelandis mentioned this issue Jan 31, 2019
Merged
jakelandis added a commit that referenced this issue Jan 31, 2019
@jakelandis
Ingest node - user agent, move device to an object (#38115)
5b008a3 
When the ingest node user agent parses the device field, it
will result in a string value. To match the ecs schema
this commit moves the value of the parsed device to an
object with an inner field named 'name'. There are not
any passivity concerns since this modifies an unreleased change.

closes #38094
relates #37329
jakelandis added a commit to jakelandis/elasticsearch that referenced this issue Jan 31, 2019
@jakelandis
Ingest node - user agent, move device to an object (elastic#38115)
d06f518 
When the ingest node user_agent parses the device field, it
will result in a string value. To match the ecs schema
this commit moves the value of the parsed device to an
object with an inner field named 'name'. There are not
any passivity concerns since this modifies an unreleased change.

closes elastic#38094
relates elastic#37329
@jakelandis jakelandis mentioned this issue Jan 31, 2019
Merged
jakelandis added a commit that referenced this issue Jan 31, 2019
@jakelandis
Ingest node - user agent, move device to an object (#38115) (#38121)
ec8ddc8 
When the ingest node user_agent parses the device field, it
will result in a string value. To match the ecs schema
this commit moves the value of the parsed device to an
object with an inner field named 'name'. There are not
any passivity concerns since this modifies an unreleased change.

closes #38094
relates #37329
jakelandis added a commit to jakelandis/elasticsearch that referenced this issue Feb 12, 2019
@jakelandis
Ingest node - user agent, move device to an object (elastic#38115) (e…
eeb3176 
…lastic#38121)

When the ingest node user_agent parses the device field, it
will result in a string value. To match the ecs schema
this commit moves the value of the parsed device to an
object with an inner field named 'name'. There are not
any passivity concerns since this modifies an unreleased change.

closes elastic#38094
relates elastic#37329
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jakelandis jakelandis

Labels
blocker >bug :Data Management/Ingest Node Execution or management of Ingest Pipelines including GeoIP
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Ingest node - user_agent, move device parsing to an object jakelandis/elasticsearch
4 participants
@webmat @dakrone @jakelandis @elasticmachine