Hi
Kibana v4.1.1 is showing two geo_point fields in my index, called geo1 and geo1.
1 document I have in there have both fields, which when put into any other map plot correctly to London, UK and Surrey, UK. However when I try to plot with either of these fields in the Tile Map visualisation it plots in the Indian Ocean, as if it can't recognise the coordinates. The document itself is provided below, the mapping for both coordinate fields in elastic specifies geo_point. Any idea what could be going on?
{
"_index": "logstash-2015.09.15",
"_type": "bro-conn_log",
"_id": "AU_RRetAm7Ywd7rqXe30",
"_score": null,
"_source": {
"message": [ "1442316288.334983\tCi7BOD1UJatE5hbCwa\t123.123.123.123\t58186\t124.124.124.124\t80\ttcp\thttp\t11.164395\t611\t406997\tSF\tF\t0\tShADadfF\t212\t12247\t291\t427897\t(empty)"
],
"@version": "1",
"@timestamp": "2015-09-15T11:24:48.334Z",
"type": "bro-conn_log",
"host": "userpc",
"uid": "Ci7BOD1UJatE5hbCwa",
"id.orig_h": "123.123.123.123",
"id.orig_p": 58186,
"id.resp_h": "124.124.124.124",
"id.resp_p": 80,
"proto": "tcp",
"service": "http",
"duration": "11.164395",
"orig_bytes": 611,
"resp_bytes": 406997,
"conn_state": "SF",
"local_orig": "F",
"missed_bytes": 0,
"history": "ShADadfF",
"orig_pkts": 212,
"orig_ip_bytes": 12247,
"resp_pkts": 291,
"resp_ip_bytes": 427897,
"tunnel_parents": "(empty)",
"conn_state_full": "Normal SYN/FIN completion",
"id.orig_h_geo": {
"country_code3": "GBR",
"country_name": "United Kingdom",
"latitude": 51.5,
"longitude": -0.12999999999999545,
"coordinates": [
51.5,
-0.12999999999999545
]
},
"id.resp_h_geo": {
"country_code3": "GBR",
"country_name": "United Kingdom",
"region_name": "N7",
"city_name": "Tadworth",
"latitude": 51.2833,
"longitude": -0.23330000000001405,
"coordinates": [
51.2833,
-0.23330000000001405
]
}
},
"fields": {
"@timestamp": [
1442316288334
]
},
"sort": [
1442316288334
]
}