Scripted fields in kibana for IP public and Private

tatdat · June 16, 2017, 3:06am

Hi,

Im using Kibana 5.4.0
I have field netflow.ipv4_dst_addr. I want check this is private ỏ public ip.

Here is my script filed

def m = ^(?:10|127|172.(?:1[6-9]|2[0-9]|3[01])|192.168)..*$/.matcher(doc['netflow.ipv4_dst_addr'].value);
if ( m.matches() ) {
return "private"
} else {
return "public"
}

but kibana show compile error

Can u suggest me script field for this case ? And where is i can debug script field before put script to kibana?

Thanks

tatdat · June 19, 2017, 1:49am

Can Anyone help me. thanks!

Christian_Dahlqvist · June 19, 2017, 5:08am

Since this seems to be a static pattern, why not add a field at ingest time? This is likely to perform and scale better than a scripted field.

tatdat · June 20, 2017, 3:46pm

Thank for reply.

I used grok filter for this. it solved

system · July 18, 2017, 3:46pm

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Using scripted fields in Kibana? Kibana	3	575	December 12, 2017
Scripted fields in kibana to elastic? Kibana	4	816	March 5, 2020
Scripted Fields creation issue In Kibana Kibana	2	427	January 16, 2019
Timeout error becouse of scripted field Kibana	4	571	December 11, 2018
Scripted fields examples from the article result in a compile error Kibana	2	367	June 23, 2020

Scripted fields in kibana for IP public and Private

Related topics