Hello,
I am using the geoip filter in order to do some geoip lookup and I would like to be able to use the kibana 7.6 maps to get data into the maps. The geoip lookup seam to be working however there is no geo_point type field therefore the maps cannot recognize the data from the index.
The logstash7.6 code looks pretty simple:
geoip {
source => "src.ip"
target => "location"
}
The output seam to be OK as well:
"location" => {
"longitude" => -77.0428,
"location" => {
"lon" => -77.0428,
"lat" => -12.0464
},
"region_code" => "LMA",
"timezone" => "America/Lima",
"country_code2" => "PE",
"latitude" => -12.0464,
"continent_code" => "SA",
"ip" => "some ip address",
"country_code3" => "PE",
"country_name" => "Peru",
"city_name" => "Lima",
"region_name" => "Lima"
},
However in kibana I cannot see the index pattern when I try to add a new document layer:
I have tried creating a mapping but using kibana dev tool but I am getting the following errors:
PUT buyldn-*/_mapping/my_type
{
"my_type": {
"properties": {
"location": {
"type": "geo_point"
}
}
}
}
{
"error" : {
"root_cause" : [
{
"type" : "illegal_argument_exception",
"reason" : "Types cannot be provided in put mapping requests, unless the include_type_name parameter is set to true."
}
],
"type" : "illegal_argument_exception",
"reason" : "Types cannot be provided in put mapping requests, unless the include_type_name parameter is set to true."
},
"status" : 400
}
Any idea how to make it work?