Visualization of IPs based on hit amount

steven.walsh · January 14, 2019, 11:43am

Hello all,

We're currently experiencing an issue on the sites we manage were web-scrapers are coming in and increasing our traffic. We have software for this but they are circumventing this by hitting the site once or twice and then changing IPS, so the third party software we use can't identify them in time. There's work there to resolve that but that's another topic.

I want to create a visualization to display the number of IP addresses with a certain amount of hits, say less than 5, between 5-15 etc. but I just can't get it displaying correctly. Having hits less than 5 is unusual for our sites so we'd like to build on this data and maybe create a watcher or some such for future notification.

We're using apache logs for this and we have what I think is standard enough. If more specific information on our solution is required let me know. Thanks in advance

jen-huang · January 15, 2019, 2:05am

Could you provide some example logs of your hits?

steven.walsh · January 17, 2019, 10:45am

Hi Jen, sorry on the delay. Example below of the field data for each log event, hope that's enough to go on

So I know in my head what to do; add the number of hits for each individual geoip.ip field, if total less than 5 add that to one section of visualization, if total between 5-15 add to another and so on. Still just can't get that out on to the screen

system · February 14, 2019, 10:45am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Visualise IP hits from IP range Kibana	2	1009	April 22, 2020
Kibana Dashboard question Kibana	4	806	July 6, 2017
Kibana visualize not showing full results Kibana	2	428	March 27, 2018
Most visited domains (IPs) Logstash	2	207	July 21, 2021
Visualize number of times an IP hits a URL Kibana	3	745	December 17, 2019

Visualization of IPs based on hit amount

Related topics