When you reply, open a code block with this symbol

and paste some same events so we can see exactly what the events look like

Hi

Log File - 

" Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-J330G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/12.1 Chrome/79.0.3945.136 Mobile Safari/537.36 

Please can you provide more examples, with different operating systems, mobile device infos, device models, browsers, browser versions, etc

" Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-J330G) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/12.1 Chrome/79.0.3945.136 Mobile Safari/537.36 

Mozilla/5.0 (Linux; Android 5.1; HUAWEI LYO-L02) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.101 Mobile Safari/537.36

Mozilla/5.0 (Linux; Android 10; SAMSUNG SM-G975F) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/12.1 Chrome/79.0.3945.136 Mobile Safari/537.36

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.1 Safari/605.1.15 (Applebot/0.1; +http://www.apple.com/go/applebot)

 Mozilla/5.0 (Linux; U; Android 8.1.0; zh-cn; OPPO R11s Build/OPM1.171019.011) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/70.0.3538.80 Mobile Safari/537.36 HeyTapBrowser/10.7.5.5

You could start with this

rex field=useragentdetails "(?<useragent>\S+)\s+\((?<OSinfo>[^\)]+)\)\s+(?<platform>\S+)\s+\((?<platformdetails>[^\)]+)\)\s+(?<extensions>.+)"

You could then use rex or split to separate the different parts of the OSinfo and extensions to extract the information you feel is important.

Hi 

Thanks for the information 

 I tried searching the below query , " no result found". However I am not sure am I doing it correctly.

Could you please guide me on this 

rex field=useragentdetails "(?<useragent>\S+)\s+\((?<OSinfo>[^\)]+)\)\s+(?<platform>\S+)\s+\((?<platformdetails>[^\)]+)\)\s+(?<extensions>.+)"

Hi 

Sorry I managed to run rex spl query , please ignore my previous message .

Could you please guide me what spl command i should use to get as dashboard panel or visualization.

Thanks 

based on your second post looks like you got results

get a stats table as desired 

your search with| rex
|table useragent, OSinfo, platform, platformdetails, extensions

Right above Search;  You can  "save  as" your search as a report or a  "dashboard panel".  as a "statistics table"

The rex specifies a field to operate on - I assumed you had already extracted this (and called it useragentdetails. If it has been extracted to a different field then use that instead. Having said that, the event shown in your latest screenshot does not include any of the data you are interested in. Do you have any events that do? Can you paste them into a code block so we can see what you are dealing with?