ipcat is a project for classifying IP : "Datacenter or not", and which provider.
Here is the optimized filter for logstash :
Interesting, can you provide a config example?
Same usage as geoip.
You can use something like that :
input {
# get some apache log
}
filter {
ipcat {
source => "clientip"
#default target is "ipcat"
}
}
output {
if [ipcat] {
file {
path => "/var/log/logstash/ipcat.log"
}
}
}