KVInventoR

Hi @dmachard of course, I can try to connect another out dns servers to push dnstap messages and check performance but everything, which related to geoip can break performance and...

also, probably you saw, but I found it's really useful: https://www.youtube.com/watch?v=M8nYWBpbwWg

I tried to use file module: ``` output: - type: stdout - type: file path: /logging/ip_test.log ``` but for me it just printed: tail -f /logging/ip_test.log ``` %{log} %{log} %{log}...

one more point: if geoip module is enabled, it will be good to have some geo statistics, like: top countries, top asn and etc...

hm, I also added: ``` - remove_field: fields: - geoip ``` and in logs I got next: ``` 2022/05/12 08:28:29 filtergeoip2.go:86 [info] geoip2 fsnotify initialized for /GeoLite2-City.mmdb panic: interface conversion:...

@helgeolav this is my current config: ``` cat config/config.yml --- # chsize: 1000 input: - type: file path: /logging/test_input.log start_position: end sincedb_write_interval: 5 filter: - type: grok match: ["%{IPTABLES_SRC}"] source:...

oh, sorry, I found an issue with remove_field ``` - type: remove_field fields: - geoip ```

Hi, please excuse the long-time delay, I switched to another project. Currently, going to restore work on this solution for monitoring system.