Hi Experts,
I have 2 fields in my logs named dlong and dlat, with values like 37.3394012451,-121.8950042724.
I want to show them on a map in Kibana. Please suggest how I can achieve this.
Thanks
VG
To use tile maps in Kibana 4, you need to index the geo field as a geo_point type: https://www.elastic.co/guide/en/elasticsearch/reference/1.4/mapping-geo-point-type.html
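Added example, not part of the original thread: a Python sketch of what "index as geo_point" means for the dlat/dlong fields from the question, with the range checks that catch swapped or junk coordinates before they reach the index. The target field name `location`, the `_geo_parse_failure` tag and the `geo_error` field are assumptions, as is reading 37.33 as the latitude.

```python
import math

GEO_FIELD = "location"  # hypothetical target field name

# Properties fragment that declares the field as geo_point in the index mapping.
MAPPING_PROPERTIES = {"properties": {GEO_FIELD: {"type": "geo_point"}}}


def to_geo_point(lat_raw, lon_raw):
    """Parse string coordinates into the geo_point object form {"lat", "lon"}."""
    try:
        lat, lon = float(lat_raw), float(lon_raw)
    except (TypeError, ValueError):
        raise ValueError(f"non-numeric coordinate: {lat_raw!r}, {lon_raw!r}") from None
    if not (math.isfinite(lat) and math.isfinite(lon)):
        raise ValueError("coordinate is NaN or infinite")
    if not -90.0 <= lat <= 90.0:
        # A latitude outside +/-90 usually means lat and lon were swapped upstream.
        raise ValueError(f"latitude {lat} out of range (swapped fields?)")
    if not -180.0 <= lon <= 180.0:
        raise ValueError(f"longitude {lon} out of range")
    return {"lat": lat, "lon": lon}


def as_array(point):
    """Array form of a geo_point uses GeoJSON order: [lon, lat]."""
    return [point["lon"], point["lat"]]


def enrich(record):
    """Copy a parsed log record and add the geo_point field.
    Records with unusable coordinates are tagged instead of being indexed wrong."""
    doc = dict(record)
    try:
        doc[GEO_FIELD] = to_geo_point(record.get("dlat"), record.get("dlong"))
    except ValueError as exc:
        doc["tags"] = list(doc.get("tags", [])) + ["_geo_parse_failure"]
        doc["geo_error"] = str(exc)
    return doc


# Constructed sample records (values taken from the question, plus two bad cases).
SAMPLES = [
    {"dlat": "37.3394012451", "dlong": "-121.8950042724"},
    {"dlat": "-121.8950042724", "dlong": "37.3394012451"},  # swapped fields
    {"dlat": "n/a", "dlong": ""},                           # junk input
]

if __name__ == "__main__":
    for rec in SAMPLES:
        print(enrich(rec))
```
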
Thank you Tanya,
I have some confusion here: as you suggested, I have to convert both geo fields, i.e. slong and slat, which are strings as of now, to geo_point type, right? So something like
"slong" : {"type": "geoip"},
"slat" : {"type": "geoip"},
Secondly, if I convert both fields into geoip, do I need to use the geoip {} filter in Logstash? I want to show src field IPs on the map.
Thanks
VG
Yeah, you should use Logstash. Here is a good thread on this topic: Displaying Geo data on Tile Map
Thanks Tanya,
It helps a lot, and it works for me.
@Tanya,
Thank you for the assistance. I tried the following and it works:
    mutate {
        convert => {
            "slat" => "float"
            "slong" => "float"
        }
        add_field => {
            "[geoip][location]" => [ "%{slong}", "%{slat}" ]
            "[geoip][latitude]" => "%{slat}"
            "[geoip][longitude]" => "%{slong}"
        }
    }
My next concern is how I can get the country name out of it?
Thanks
Vikas
If you have an IP address, you can get country from GeoIP mapping using a Logstash filter: https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html
Otherwise, to get country information from the geographical coordinates, you'd need to hit something like the Google geocoding API: https://developers.google.com/maps/documentation/geocoding/intro?csw=1 Logstash has an HTTP input which may but you may need to do that mapping outside of Logstash, as I don't believe there currently is an HTTP filter. You may want to ask this question in another thread on the Logstash channel.
Thank you again Tanya, I'll open a separate thread on LS.