I have the following logstash filter configuration, wherein the input is a JSON file which already has latitude and longitude data. When I index the data, in the document, I do find attributes of longitude, and latitude. How can I use this information for displaying points on the map? When I go to the Visualize tab, and try to select from dropdown, it says that there is no compatible type. I understand that I need to make them as geohash type. Any ideas of how can I get it working?
The geoip filter is only needed when you want to enrich an event with geo data by locating the IP address. If you've already got geo points, you don't need to use it. With the default logstash template, you'll need to stick your latitude and longitude values into the [geoip][latitude] and [geoip][longitude] fields and/or the [geoip][location] field. Say your existing fields are lat and lon, you can insert them correctly with the following mutate filter:
Ideally however, you should probably either override the default Logstash index template or create a new template which defines your existing field names as the geo_point type, then you only need to do the float conversion above and the fields should be usable as-is in Kibana.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.