Hi,
I am trying to show location information using a tile map in Kibana. However, when I try to visualize the tile map, I get "No results found" in Kibana.
I have the following logs
"path" => "/logs/access.log",
"host" => "genehost",
"type" => "accessllog",
"TIME" => "12:45:47,",
"Username" => "Nilam",
"VendorName" => "getUnbilledUsage",
"url" => "https://",
"clientip" => "10.99.198.99"
I have the following config file
# Filter stage: parse access-log lines with grok, enrich them with a GeoIP lookup
# on the extracted client address, then cast the coordinate pair to floats.
filter {
# The grok below runs only for events whose type is exactly "iot_accesslog".
# NOTE(review): the sample event on this page shows type "accessllog" and the index
# mapping shows "accesslog" - confirm which value the input really sets; if it is
# not "iot_accesslog", this branch is skipped for those events.
if [type] == "iot_accesslog" {
grok {
# Earlier pattern kept for reference; it captured queueNum and had no client IP.
# match => [ "message", "%{NOTSPACE:TIME}%{BASE10NUM}%{SPACE}%{WORD}%{SPACE}%{NOTSPACE} %{NOTSPACE} %{NOTSPACE:queueNum} %{NOTSPACE} %{NOTSPACE} %{NOT#SPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} |%{NOTSPACE:Username}|%{NOTSPACE:VendorName}|%{NOTSPACE:url}" ]
# Active pattern: captures TIME, Username, VendorName, url and clientip.
# NOTE(review): url and clientip are adjacent with no delimiter between them, so
# the split depends on regex backtracking - verify against a real log line.
match => [ "message", "%{NOTSPACE:TIME}%{BASE10NUM}%{SPACE}%{WORD}%{SPACE}%{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} %{NOTSPACE} |%{NOTSPACE:Username}|%{NOTSPACE:VendorName}|%{NOTSPACE:url}%{IP:clientip}" ]
}
}
# geoip and mutate sit outside the conditional above, so they are applied to every
# event passing through this filter section, not only to "iot_accesslog" events.
geoip {
# Look up the address held in clientip and store the result under the geoip field.
source => "clientip"
target => "geoip"
database => "/etc/logstash/GeoLiteCity.dat"
# NOTE(review): the sample clientip (10.99.198.99) is in the private 10.0.0.0/8
# range (RFC 1918). A GeoIP city database is not expected to hold location data
# for private addresses, so the lookup presumably returns nothing for such events
# and no geo fields are produced - confirm by checking an indexed document.
# The two add_field lines below are meant to build a [longitude, latitude] pair;
# the order matters (longitude first).
add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ]
}
mutate {
# Cast the coordinate values added above from strings to floats.
# NOTE(review): the mapping pasted on this page lists geoip.location as the
# geo_point field and shows no coordinates field - check which field the tile map
# is configured to use.
convert => [ "[geoip][coordinates]", "float"]
}
}
When I run the command
curl -XGET localhost:9200/logstash-2016.08.11/_mapping?pretty, I get
{
"logstash-2016.08.11" : {
"mappings" : {
"accesslog" : {
"_all" : {
"enabled" : true,
"omit_norms" : true
},
}, { "geo_point_fields" : { "mapping" : { "type" : "geo_point", "doc_values" : true }, "match" : "*", "match_mapping_type" : "geo_point" } } ],
"clientip" : { "type" : "string", "norms" : { "enabled" : false }, "fielddata" : { "format" : "disabled" }, "fields" : { "raw" : { "type" : "string", "index" : "not_analyzed", "ignore_above" : 256 } } }, "geoip" : { "dynamic" : "true", "properties" : { "ip" : { "type" : "ip" }, "latitude" : { "type" : "float" }, "location" : { "type" : "geo_point" }, "longitude" : { "type" : "float" } } }, }, { "geo_point_fields" : { "mapping" : { "type" : "geo_point", "doc_values" : true }, "match" : "*", "match_mapping_type" : "geo_point" } } ], "properties" : { "@timestamp" : { "type" : "date", "format" : "strict_date_optional_time||epoch_millis" }, "@version" : { "type" : "string", "index" : "not_analyzed" }, "geoip" : { "dynamic" : "true", "properties" : { "ip" : { "type" : "ip" }, "latitude" : { "type" : "float" }, "location" : { "type" : "geo_point" }, "longitude" : { "type" : "float" } } } } } }
}
}