Finding a public IP for geotagging

The scenario is enhancing my metricbeat data to help track a dozen laptops. I thought adding geo data to their low frequency uptime response would be a cheap way to do this. A custom pipeline that all metricbeats data goes through and then branches off if'uptime' was how I'd keep the lookups to a minimum.

Hit a couple snags though...

The add_host_metadata processor with netinfo.enabled: true will add a machine's local IP information.

  1. host.ip is an array of all the v4 and v6 addresses a machine reports. The geoip processor can't work on an array of course.

  2. host.ip doesn't contain a public IP for machines behind firewalls/balancers/etc anyway

So my question is mainly:

  1. How do I easily add a public IP field that I can use to geolocate devices.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.