Hi ,
I am currently using logstash to extract the source_ip and destination_ip fields from snort alerts and would like to plot them on a visualization map in Kibana. I read in a separate community post that you have to change the field from the management-> Index Patterns to ip from string however this option is greyed out. Is anybody aware how to do this please?
Thanks
If you want to display on a map you can use the geoip plugin to add location information as long as the ip addresses are public.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.