(solved) IP anonymization (hasing) in Ingest Pipeline

dot-mike · August 25, 2025, 9:46pm

Hi community,

I'm wondering what are the possibilities of IP anonymization with Ingest Pipeline in Kibana? I'm asking because for my use case I should be able to anonymize IP address and be able to decrypt it with special key at later point if needed. So, I need a way to hash the IP and be able to decrypt it later. Is this something we can do natively in Kibana?

In logstash you have the Fingerprint filter Plugin :

If set to IPV4_NETWORK the input data needs to be a IPv4 address and the hash value will be the masked-out address using the number of bits specified in the key option. For example, with "1.2.3.4" as the input and key set to 16, the hash becomes "1.2.0.0".

leandrojmp · August 26, 2025, 1:40am

No, this is not possible, you can create a hash using an ingest pipeline, but you cannot decrypt it once ingested.

dot-mike · August 26, 2025, 11:50am

Many thanks for the quick reply. I guess I have to look for another solution where the content is hashed at ingest time (before forwarded to ES).

Topic		Replies	Views
Logstash Anonymize plugin Logstash	3	916	July 6, 2017
Can Kibana do DNS lookups on IP addresses ingested for enriching the data, without using Logstash Kibana	2	291	October 28, 2020
How to Parse Log to Get IP Address Elasticsearch elastic-stack-alerting	11	3774	June 11, 2022
Need to map ip address from logs to map with corresponding hostname Kibana	5	1366	February 14, 2022
Hints for use of Ingest pipeline? To map IP address to Region+City and never store IP address Elasticsearch ingest-pipeline	2	314	May 30, 2022

(solved) IP anonymization (hasing) in Ingest Pipeline

Related topics