Geoip plugin and private address

Hi,

I have IP ( private range ) , lot and lat coordinates (country, city ... information).
Is there any way to create geoip point field in message that Elasticsearch and Kibana both understand from these variables?

I tried some older manuals in forum, but not working for me in elasticsearch 6.2 stack.

Thx

Rudolf

Try this. If it does not work, show us what does not work.

Hi,

I tried it before but when I tried visualize in coordinate map I received following error:

No Compatible Fields: The "testbeat-*" index pattern does not contain any of the following field types: geo_point

My config file:

input { stdin {} }

filter{
translate {
regex => true
dictionary_path => "./mutate/chemosvit-geo.yml"
field => "message"
}

    json {
        source => "translation"
    }

}

output {

elasticsearch {
hosts => "esearch.chemosvit.sk:9200"
manage_template => false
index => "testbeat-%{+YYYY.MM.dd}"
document_type => "doc"
user => blabla
password => blabla
ssl => false
ssl_certificate_verification => false
cacert => "/etc/logstash/root-ca.pem"
# truststore_password => changeit
}
}

Do you have a template for that index? If you are using the fieldname geoip you would need something like

{
  "settings": {
    "number_of_shards": 1
  },
  "mappings": {
    "doc": {
      "properties": {
        "geoip": {
          "type": "geo_point"
        }
      }
    }
  }
}    

Don`t have
I am going to study how to create it :smiley:

Thx

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.