Private ip geoip JSON object / structure and some questions

ppafford · November 14, 2018, 2:47am

Side Note: Im using Fliebeat Apache Module and updating the index from filebeat-* to logstash-* (This is working) just wanted to add this info just in case this changes how to proceed

from https://www.elastic.co/guide/en/elasticsearch/reference/current/indices-get-mapping.html

GET /_all/_mapping

output

"geoip": {
"properties": {
	"city_name": {
		"type": "keyword",
		"ignore_above": 1024
	},
	"continent_name": {
		"type": "keyword",
		"ignore_above": 1024
	},
	"country_iso_code": {
		"type": "keyword",
		"ignore_above": 1024
	},
	"location": {
		"type": "geo_point"
	},
	"region_iso_code": {
		"type": "keyword",
		"ignore_above": 1024
	},
	"region_name": {
		"type": "keyword",
		"ignore_above": 1024
	}
}

also follow up on the location, does lat or lon need to go first? I saw this post Creating geoip data for internal networks but wanted to confirm

Im not sure what else Im missing to see them be in the map view

Topic		Replies	Views
Private ip geoip from dictionary Logstash	8	4260	January 1, 2019
Logstash Setup with GeoIP Logstash	18	2301	October 9, 2019
Creating geoip data for internal networks Logstash	12	13770	July 6, 2017
Translate private ip to geo location using external dictionary Logstash	6	762	May 30, 2020
Geoip plugin and private address Logstash	5	1046	April 25, 2018

Private ip geoip JSON object / structure and some questions

Related topics