HTTPD_COMBINEDLOG pattern conflicts with ECS v1.0
C-Duv opened this issue · comments
Duvergier Claude commented
The HTTPD_COMBINEDLOG
pattern creates a agent
field which conflicts with the agent
field of ECS 1.0.
Brandon Hume commented
I'm running into this as well. I'd propose renaming the match to "useragent", and I will in my own configuration, but I'm not sure what kind of downstream effects that'll have.
Henrique Oliveira commented
any workaround for this?
tcassaert commented
What I've done is replacing the HTTPD_COMBINEDLOG pattern with %{HTTPD_COMMONLOG} %{QS:referrer} %{QS:client_agent}
. This avoids having a conflicting agent
field.
Daniel Santos commented
Faced the same issue and used the workaround @tcassaert suggested. I'd suggest to have the agent
changed to useragent