0

I have an index in ElasticSearch. There is a client_ip attribute on this index. In Kibana I have a Map option to create world map based dashboard. How can I leverage this option and the client_ip attribute on the index to show counts on the world map?

After I saw the first two answers below. Before I push the data to ES, I looked up GeoPoint [lon, lat] with client ip. In Kibana 3.1.2 I created a bettermap and pointed it to this geo field. Curling the request behind this bettermap returns a lot of data back. their geoPoints look good. However BetterMap doesn't return anything back. Anything reason why? Thank you

BozoJoe
  • 6,117
  • 4
  • 44
  • 66
bill
  • 1
  • 1
  • 2

2 Answers2

1

Kibana or Elasticsearch don't have the capability to convert IP to Geo information. You need to do it using Geo lite database or something and then push it to Elasticsearch as Geo point type. Then you can visualize using kibana.

If you are using logstash , you can use the Geo plugin to do this seamlessly.

Vineeth Mohan
  • 18,633
  • 8
  • 63
  • 77
0

You'd need to leverage a service to turns those IPs into ElasticSearch "Geo Point" types.

https://www.elasticsearch.org/guide/en/elasticsearch/reference/current/mapping-geo-point-type.html#mapping-geo-point-type

jhilden
  • 12,207
  • 5
  • 53
  • 76
  • This is what I have tried: I looked up geo database to get the GeoPoint [lon, lan] value from client ip address before I pushed it to ES index. – bill Mar 12 '15 at 23:19