Hi,
Does the Elasticsearch ingest plugin support the MaxMind GeoIP2 ISP database? I saw that is was added to Logstash a while back (https://github.com/logstash-plugins/logstash-filter-geoip/pull/111) however when trying to specify it in an ingest pipeline:
"field": "nginx.access.remote_ip",
"database_file": "GeoIP2-ISP.mmdb",
"target_field": "geoip",
"ignore_missing": true
I receive the below:
Failed to connect: Connection marked as failed because the onConnect callback failed: Error loading pipeline for fileset ingress-nginx/access: couldn't load pipeline: couldn't load json. Error: 400 Bad Request: {"error":{"root_cause":[{"type":"parse_exception","reason":"[database_file] Unsupported database type [GeoIP2-ISP]","header":{"processor_type":"geoip","property_name":"database_file"}}],"type":"parse_exception","reason":"[database_file] Unsupported database type [GeoIP2-ISP]","header":{"processor_type":"geoip","property_name":"database_file"}},"status":400}. Response body: {"error":{"root_cause":[{"type":"parse_exception","reason":"[database_file] Unsupported database type [GeoIP2-ISP]","header":{"processor_type":"geoip","property_name":"database_file"}}],"type":"parse_exception","reason":"[database_file] Unsupported database type [GeoIP2-ISP]","header":{"processor_type":"geoip","property_name":"database_file"}},"status":400}
Thanks,
Mike