Geolocation Sub-Fields¶
- Geo fields have data referencing location of event/host/ip
- Geo fields apply to source, destination, and host entities
| Field Name | Example Values | Field Type | Notes |
|---|---|---|---|
| …_geo_city_name | keyword | City Name | |
| …_geo_state_name | keyword | Washington | |
| …_geo_city_iso_code | keyword | Country ISO Code (US, CA) | |
| …_geo_country_iso_code | keyword | Country ISO Code (US, CA) | |
| …_geo_country_name | keyword | Country Name (USA, Canada) | |
| …_geo_coordinates | keyword | Latitude, Longitude Coordinate |