I have been trying to figure out how to get my geo ip location shown up on Kibana map. But I always get the following error:
The "metricbeat*" index pattern does not contain any of the following field types: geo_point
I have the ES 5.6 including the search, Kibana, metric beat, and file beat.
I managed to put some IP into the the metricbeat instances as env fields. The logstash was set up to accept data and put into ElasticSearch (ES).
I could see the data in geoip and I also set up the mapping for its location to be geo_point. But it kept giving me the error.
Please help!!!
Here please find the corresponding mapping (I got through GET /_template in Kibana's DevTools) and data in JSON below.
{
"metricbeat": {
"order": 0,
"template": "metricbeat-*",
"settings": {
"index": {
"mapping": {
"total_fields": {
"limit": "10000"
}
},
"refresh_interval": "5s"
}
},
......
"properties": {
"@timestamp": {
"type": "date"
},
"geoip": {
"type": "object",
"dynamic": true,
"properties": {
"location": {
"type": "geo_point"
},
"country_name": {
"type": "string"
},
"city_name": {
"type": "string"
},
"region_name": {
"type": "string"
}
},
......
Here is the data in JSON:
{
"_index": "metricbeat-2017.10.04",
"_type": "metricsets",
"_id": "AV7pxbrMOworNTwM-ObM",
"_version": 1,
"_score": null,
"_source": {
"host_ip": "198.241.217.201",
"@timestamp": "2017-10-04T23:43:21.818Z",
"system": {
"filesystem": {
"total": 0,
"device_name": "sysfs",
"free_files": 0,
"mount_point": "/sys",
"available": 0,
"files": 0,
"used": {
"pct": 0,
"bytes": 0
},
"free": 0
}
},
"geoip": {
"country_name": "United States",
"city_name": "San Francisco",
"region_name": "California",
"location": {
"lon": -122.3802,
"lat": 37.6198
}
},
"beat": {
"name": "wzhang_EPSim_21",
"hostname": "wzhang_EPSim_21",
"version": "5.6.2"
},