Hi
I want to test the GEO capabilities of Elastic.
If my logs do not have any "geo_ coordinates", does that mean that I cannot test the GEO capabilities? Is it possible to add the geo coordinates (or other type of GEO) manually?
What type of logs/data do I need to have?
I am attaching an example of my logs.
Thank you in advance
hey,
you can use the geoip processor to look up information about the ip address. This includes information like country, state or city (depending on granularity of the available information). As those are text strings used for the enrichment, there is no need for geo based datatypes like a point or a shape.
Would that be sufficient for you?
--Alex
But I guess it will only work if I have IP addresses in my logs, right?
yes, but the example above included one, thus my assumption this would be true. Do you have another use-case in mind?
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.
