Map data not displaying in 8.2.0

martb · June 20, 2022, 11:55am

HI,

I found what the problem is. I'm not 100% sure when the change was introduced, possibly 7.17 but if you don't set ecs_compatibility => disabled in your logstash file(filter) you will have conflicting mappings. Basically you end up with mixture of ECS geo mappings and your existing defined mappings.

To resolve this:

filter {
  geoip {
    source => "[host][ip]"
    ecs_compatibility => disabled
  }
}

Ref:
https://www.elastic.co/guide/en/logstash/7.17/ecs-ls.html
https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html

thanks for you help

Martin

Topic		Replies	Views
Kibana map - No results Found documents Kibana maps	7	1172	June 1, 2021
Kibana Tile Map not showing geo points Kibana	4	1739	September 20, 2017
Kibana Maps features not displaying (failed net::ERR_CONTENT_DECODING_FAILED) Kibana maps	8	1147	May 13, 2022
Layer dot found result Kibana maps , runtime-fields	29	1320	September 11, 2022
Upgraded to 8.2 and datastream, geo_point set as and stuck as string in data view Kibana	7	523	July 19, 2022

Map data not displaying in 8.2.0

Related Topics