Geoip database format

Vitalijs_Grinbergs · June 14, 2018, 6:56am

Is there a way to use updated geoip database in .dat format?
I've used mmdb tools to convert .mmdb ti .csv and updated it with private IP subnets and geolocation according to https://github.com/threatstream/mhn/wiki/Customizing-Maxmind-IP-Geo-DB-for-Internal-Networks
As a result I've got .dat file.
That updated .dat file I've put in logstash filter.
geoip {
source => "clientip"
database => "/usr/share/logstash/mmcity.dat"

After logstash restart, the logstash-plain.log has ERROR: "The database provided is invalid or co
rrupted."

Please guide me to correct topic where I can use my updated mmcity.dat database.

logstash version 6.3

Thanks!

system · July 12, 2018, 7:09am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Maxmind mmdb - Logstash geoip Logstash	4	2511	July 6, 2017
Logstash Geoip Filter with a Custom Database Logstash	1	811	September 27, 2018
Geoip filter plugin dat extension and update Logstash	5	560	June 10, 2020
How to logstash geoip database file update? Logstash	3	6827	August 2, 2017
Private networks with GeoIP Logstash	3	2228	July 30, 2018

Geoip database format

Related topics