GeoPoint

Mheni · September 21, 2018, 1:17pm

Hello;

My csv File contain two seperated ( with pipe) columns longititude and latitude ... How can i put them to a single GeoPoint Location??

PUT /GeoLoc
{
    "mappings": {
        "doc": {
            "properties": {
                "location": {
                    "type": "geo_point"
                }
            }
        }
    }
}

fkelbert · September 21, 2018, 3:39pm

Generally, you would insert the data as follows:

PUT GeoLoc/doc/1
{ 
  "location": {
    "lat": 41.12,
    "lon": -71.34
  }
}

This is further described in the Geopoint documentation.

Now, it depends how you are ingesting data into Elasticsearch. Are you using Beats, Logstash, or some other homebrewn solution?

Logstash solution

Mheni · September 21, 2018, 3:56pm

this insert is a single point. I have to put file with 1000 geoPoint

fkelbert · September 21, 2018, 4:05pm

Sure, that's why I was asking for additional details of your setup. You can either fire 1000 PUT operations from your own application, or use Logstash or Filebeat to process your file. All of these are valid solutions, but it depends. Any of them might be the best in your case.

Please also look into the Logstash link that I provided. It will give you an idea on how to configure Logstash to achieve what you want using the mutate filter.

Mheni · September 24, 2018, 1:40pm

thank you Florian,

what about GeoIp if I have a column named ipAddress.

fkelbert · September 24, 2018, 1:55pm

Hi Mheni,

Can you please be more precise? What is the content of this column? What is its data format? What do you want achieve with the data that's in it?

Please be very specific when asking questions and do provide examples. Otherwise, it is very hard to know what you want to achieve and thus impossible to help.

Mheni · September 24, 2018, 2:06pm

the structure of my csv file ; 4 columns sepratad by | containing Date, Time, Source Ip Adress and Destination IpAddress. How can i configure Logstash to put these Ip on Map?

Date|Time|Source|destination
20180308|235537|78.191.69.130|78.191.68.189

fkelbert · September 24, 2018, 4:14pm

Your Logstash configuration below. Please also see the documentation on Logstash geoip filter and Logstash csv filter.

input {
  file {
    path => "input.csv"
  }
}

filter {
  csv {
    separator => "|"
    columns => [ "date", "time", "source", "destination" ]
  }
  geoip {
    source => "source"
    target => "geoip_source"
  }
  geoip {
    source => "destination"
    target => "geoip_destination"
  }
}

output {
  elasticsearch {
    index => "geoip-example"
  }
}

Mheni · September 25, 2018, 9:14am

Thank you Florient,
And for Kibana how to put the Mapping, and how to visualise all sources IP for example.

system · October 23, 2018, 9:14am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.