Geoip plugin and private address


I have IP ( private range ) , lot and lat coordinates (country, city ... information).
Is there any way to create geoip point field in message that Elasticsearch and Kibana both understand from these variables?

I tried some older manuals in forum, but not working for me in elasticsearch 6.2 stack.



Try this. If it does not work, show us what does not work.


I tried it before but when I tried visualize in coordinate map I received following error:

No Compatible Fields: The "testbeat-*" index pattern does not contain any of the following field types: geo_point

My config file:

input { stdin {} }

translate {
regex => true
dictionary_path => "./mutate/chemosvit-geo.yml"
field => "message"

    json {
        source => "translation"


output {

elasticsearch {
hosts => ""
manage_template => false
index => "testbeat-%{+YYYY.MM.dd}"
document_type => "doc"
user => blabla
password => blabla
ssl => false
ssl_certificate_verification => false
cacert => "/etc/logstash/root-ca.pem"
# truststore_password => changeit

Do you have a template for that index? If you are using the fieldname geoip you would need something like

  "settings": {
    "number_of_shards": 1
  "mappings": {
    "doc": {
      "properties": {
        "geoip": {
          "type": "geo_point"

Don`t have
I am going to study how to create it :smiley:


This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.