Hey all,
I have a json log file that I want to plot onto maps in Kibana. A sample log entry looks like this:
{"ssid": "ABCDEFG", "@timestamp": "2018-09-22T17:20:35.000Z", "longitude": "12.345678901", "geo_point": "98.12345678,12.345678901", "device_type": "Client", "mac_address": "XX:XX:XX:XX:XX:XX", "latitude": "98.12345678", "rssi": "-55", "channel": "3", "manufacturer": "unknown"}
Kibana shows geo_point, latitude, and longitude as string types. I obviously need them to be geo_point in order to map them. This is my first time dealing with geo_point in kibana and I'm struggling to make sense of the various documentation articles on the matter.
What's the safest way to go about this? I can manipulate every point of this to include how the json log is written. Would it be best that I manipulate the json log format to be something like {"geopoint":{"latitude":"98.12345678", "longitude":"12.345678901"}} or would I be better off mutating this data in logstash or via elasticsearch?
If manipulating how the json data is written is not the correct way to go about this, step-by-step what do I need to do to configure the elastic stack to process this data correctly?
