Operating System
Top Level Fieldset: False
The OS fields contain information about the operating system related to the event.
Fields from os can only be found at the following locations:
source.host.osdestination.host.osuser_agent.os
Operating System Fields
os.kernel
Required Field: False
Type: STRING
Example: 21.6.0
Detection Supported Field: True
Kernel version of operating system as a raw string.
os.name
Required Field: False
Type: STRING
Example: Mac OS X
Detection Supported Field: True
Name of the operating system, without the version.
os.platform
Required Field: False
Type: STRING
Example: darwin
Detection Supported Field: True
Operating system platform.
os.type
Required Field: False
Type: STRING
Example: macos
Detection Supported Field: True
Name of the operating system family.
Allowed Values
| Name | Description |
|---|---|
android | Android |
chromeos | ChromeOS |
ios | iOS |
linux | Linux |
macos | macOS |
unix | Unix |
windows | Windows |