How to map geo_point in indices that are created automatically by elasticsearch-kopf?

(Muhammad Alraddadi) #1

Hello community,

This is my first topic in this forum, so I hope I am posting this in the right place... I recently have been using AWS CloudWatch Logs combined with Kinesis, Kibana and the elasticsearch-kopf plugin (which creates daily indices).

Here is a link to the AWS GitHub that I used to create what I described above:
One-Click Setup: CloudWatch Logs + Elasticsearch + Kibana

Below you can see a screenshot of what my kopf tool looks like.

Here is an example of my mapping for a daily index:
```json
{
  "_default_": {
    "properties": {
      "@timestamp": { "format": "dateOptionalTime", "doc_values": true, "type": "date" },
      "@message": { "type": "string" },
      "@id": { "type": "string" }
    },
    "_all": { "enabled": false }
  },
  "development": {
    "properties": {
      "@timestamp": { "format": "dateOptionalTime", "doc_values": true, "type": "date" },
      "@log_stream": { "type": "string" },
      "@message": { "type": "string" },
      "Context": {
        "properties": {
          "LocationId": { "type": "string" },
          "SubCategoryId": { "type": "string" },
          "HttpServerName": { "type": "string" },
          "HttpRequestUri": { "type": "string" },
          "CategoryId": { "type": "string" },
          "RequestId": { "type": "string" },
          "Coordinate": { "type": "string" },
          "ServiceId": { "type": "string" },
          "UserId": { "type": "string" },
          "HttpMethod": { "type": "string" }
        }
      },
      "Message": { "type": "string" },
      "@id": { "type": "string" },
      "Thread": {
        "properties": {
          "Name": { "type": "string" },
          "Id": { "type": "long" },
          "Priority": { "type": "long" }
        }
      },
      "Timestamp": { "format": "dateOptionalTime", "type": "date" },
      "Marker": { "type": "string" },
      "@log_group": { "type": "string" },
      "@owner": { "type": "string" }
    },
    "_all": { "enabled": false }
  }
}
```
From the mapping above, you can see that the Coordinate property type is a string type, but it would be nice if I can find a way to ensure that this property is of type geo_point.

Keep in mind that if I manually change the mapping for Coordinate to geo_point, it will work and Kibana will recognize it as a geo_point type. However, when kopf automatically creates another daily index, it will map Coordinate as a string type and Kibana will get a mapping conflict.

(Mark Walkom) #2

You need to create a template to handle this.
Take a look at the one that Logstash uses for an example.
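
An added example, not part of the original replies: a Python sketch that builds an index-template body mapping `Context.Coordinate` as `geo_point` for the `development` type, and checks a `GET /_mapping`-shaped response for fields whose type differs between daily indices. The `dailylogs-*` pattern, the index names and the function names are assumptions; the body uses the legacy `PUT /_template/<name>` format that matches the `string` types in the mapping above.

```python
import json

def build_template(index_pattern, doc_type, field_path, field_type="geo_point"):
    """Body for PUT /_template/<name> (legacy template API, as used with ES 1.x/2.x)."""
    node = {"type": field_type}
    # Wrap the leaf in nested "properties" objects, innermost field first.
    for part in reversed(field_path.split(".")):
        node = {"properties": {part: node}}
    return {"template": index_pattern, "order": 1, "mappings": {doc_type: node}}

def field_types(properties, prefix=""):
    """Flatten a mapping's nested "properties" into {dotted.path: type}."""
    out = {}
    for name, spec in properties.items():
        path = prefix + name
        if "properties" in spec:
            out.update(field_types(spec["properties"], path + "."))
        else:
            out[path] = spec.get("type")
    return out

def find_conflicts(mapping_response, doc_type):
    """Fields whose type differs between indices (input shaped like GET /_mapping)."""
    seen = {}
    for index, body in mapping_response.items():
        props = body["mappings"].get(doc_type, {}).get("properties", {})
        for path, ftype in field_types(props).items():
            seen.setdefault(path, {})[index] = ftype
    return {p: t for p, t in seen.items() if len(set(t.values())) > 1}

# Constructed sample: one index fixed by hand, the next day's index created
# automatically with the default string mapping (index names are placeholders).
SAMPLE = {
    "dailylogs-2016.01.01": {"mappings": {"development": {"properties": {
        "Context": {"properties": {"Coordinate": {"type": "geo_point"},
                                   "UserId": {"type": "string"}}}}}}},
    "dailylogs-2016.01.02": {"mappings": {"development": {"properties": {
        "Context": {"properties": {"Coordinate": {"type": "string"},
                                   "UserId": {"type": "string"}}}}}}},
}

if __name__ == "__main__":
    template = build_template("dailylogs-*", "development", "Context.Coordinate")
    print(json.dumps(template, indent=2))
    print(find_conflicts(SAMPLE, "development"))
```

A template only applies to indices created after it is stored, so indices that already exist keep their current mapping.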
