I am running ELK 6.2.3 and with ingest geoip plugin my ELK is sending over 500 DNS requests to 8.8.8.8 per minute this is generating too many log files. If i drop packet on the server itself no data in ingested in to the index. Any idea why would the ingest geoip make so many dns requests to 8.8.8.8?
Please ask questions about Elasticsearch ingest pipelines in the Elasticsearch category. As I understand your question Logstash isn't involved here.
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.