elasticsearch 使用logstash从MaxMind获取ISP信息,elasticsearch,logstash,elastic-stack,geoip,maxmind,elasticsearch,Logstash,Elastic Stack,Geoip,Maxmind" /> elasticsearch 使用logstash从MaxMind获取ISP信息,elasticsearch,logstash,elastic-stack,geoip,maxmind,elasticsearch,Logstash,Elastic Stack,Geoip,Maxmind" />
Fatal编程技术网
  • elasticsearch/
  • elasticsearch 使用logstash从MaxMind获取ISP信息

elasticsearch 使用logstash从MaxMind获取ISP信息

logstash

elasticsearch 使用logstash从MaxMind获取ISP信息,elasticsearch,logstash,elastic-stack,geoip,maxmind,elasticsearch,Logstash,Elastic Stack,Geoip,Maxmind,我想使用数据库GeoIP2-ISP.mmdb从带有logstash的IP地址获取Internet服务提供商。GeoLite2-City.mmdb数据库工作正常,这是我的代码: geoip { source => "ip" database => "/home/ec2-user/logstash-5.2.0/GeoLite2-City.mmdb" target => "geoip" add_field => [ "[geoip][c

我想使用数据库GeoIP2-ISP.mmdb从带有logstash的IP地址获取Internet服务提供商。GeoLite2-City.mmdb数据库工作正常,这是我的代码:

geoip {     
    source => "ip"
    database => "/home/ec2-user/logstash-5.2.0/GeoLite2-City.mmdb"
    target => "geoip"
    add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
    add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ]
    add_tag => "geoip"          
}       

mutate {        
    convert => [ "[geoip][coordinates]", "float"]       
}
我试图使用相同的代码获取ISP信息,但不幸失败:

geoip {     
    source => "ip"
    database => "/home/ec2-user/logstash-5.2.0/GeoIP2-ISP.mmdb"
    target => "geoip"   
}
作为错误消息,我有:

需要帮忙吗?谢谢