How to convert string to geoip datatype while ingesting data from logstash to elastic search

Swati123 · April 30, 2019, 1:59pm

Hi all,

I have a log field by default as string src_ip = 10.14.114.18 I am able to have it as ip datatype in kibana by running default mappings API.

But for visualization, I need this as geoip datatype so that it can be used in coordinate or region maps

I am ingesting data from logstash to elastic-search.

Can anyone help me on this to get src_ip field as geoip.i had also tried geoip processor as -
geoip {
source => "source_ip"
}
but it doesn't worked out this still as string datatype in kibana.

Badger · April 30, 2019, 3:01pm

geoip { source => "source_ip" }

will write geo information into the field geoip. If you change that to overwrite source_ip using the target option you will have to add a template to your index.

system · May 28, 2019, 3:01pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
How to convert src_ip to ip Logstash	12	4642	January 26, 2018
Turn Packetbeat IP data from String to IP field type Logstash	5	1921	July 6, 2017
Correct src_ip field datatype to 'ip' Elasticsearch	8	4011	December 17, 2018
Convert a field from string to ip type Logstash	5	19899	July 6, 2017
Logstash ip data type Logstash	2	1017	May 12, 2020

How to convert string to geoip datatype while ingesting data from logstash to elastic search

Related topics