-
Geo fields have data referencing location of event/host/ip
-
Geo fields apply to source, destination, and host entities
| Field Name | Example Values | Field Type | Notes |
|---|---|---|---|
…_geo_city |
Hamburg, Houston | keyword | City Name |
…_geo_continent |
America | keyword | Continent Name |
…_geo_country_iso |
US, DE, CA | keyword | Country ISO Alpha-2 code |
…_geo_country |
USA, Canada | keyword | Country Name |
…_geo_coordinates |
34.1186,-118.3004 | keyword | Latitude, Longitude Coordinate |
…_geo_name |
Hamburg, DE | keyword | Location Name, can be derived by combining other values |
…_geo_state |
Hamburg | keyword | State name |
