Hello,
I would like, in my elk stack, to be able to know which browser my users are using. I've added the user-agent header in my logs and I send it to elastic via filebeat and logstash. Everything works fine.
Now I have my new field in my index :
"userAgent": {
"type": "text",
"fields": {
"keyword": {
"type": "keyword",
"ignore_above": 256
}
}
}
And it has the right value (ex : Mozilla/5.0_(Windows_NT_6.1)AppleWebKit/537.36(KHTML__like_Gecko)_Chrome/65.0.3325.181_Safari/537.36)
Now, I would like to use a plugin to be able to analyse the user-agent field and transform it into the browser name and version (Ex : Firefox V21). I search on the internet and found that plugin : ingest-user-agent. I found how to install it (with some kind of pipeline command)
Could you please tell what I have to do to make it work? I've already installed the plugin, all I need to know is what I should change in my index to make the userAgent field transofm inot a userAgentDetail field containg the agent details given by the plugin?
I found no documentation about how to use it with elk.
Thanks for you help.