logstash-filter-geoip
logstash-filter-geoip copied to clipboard
logstash-plugins
fix: missing network field in output (city, isp, anonymous)
Thanks for contributing to Logstash! If you haven't already signed our CLA, here's a handy link: https://www.elastic.co/contributor-agreement/
I fixed the part that didn't work as expected according to the official documentation. plugins-filters-geoip.html#plugins-filters-geoip-field-mapping
I have identified the author of this document through this commit. Please check and confirm. @edmocosta https://github.com/logstash-plugins/logstash-filter-geoip/commit/a53f34b797cdf571f1fe163724af7e53def9b029
AS-IS
{
"lite2_city": {
"geo": {
"region_iso_code": "KR-11",
"city_name": "Songpa-gu",
"country_iso_code": "KR",
"timezone": "Asia/Seoul",
"country_name": "South Korea",
"continent_code": "AS",
"location": { "lon": 0.0, "lat": 0.0 },
"region_name": "Seoul",
"postal_code": "055"
},
"ip": "{IPADDR}"
},
"country": {
"geo": {
"country_name": "South Korea",
"continent_name": "Asia",
"country_iso_code": "KR"
},
"ip": "{IP}"
},
"lite2_asn": {
"as": { "number": 9318, "organization": { "name": "SK Broadband Co Ltd" } },
"ip": "{IPADDR}"
},
"as": { "number": 9318, "organization": { "name": "SK Broadband Co Ltd" } },
"anonymous_ip": {
"ip_traits": {
"residential_proxy": false,
"anonymous": false,
"tor_exit_node": false,
"public_proxy": false,
"hosting_provider": false,
"anonymous_vpn": false
}
},
"domain": { "domain": null },
"ip": "{IPADDR}",
"lite2_country": {
"geo": {
"country_name": "South Korea",
"continent_name": "Asia",
"country_iso_code": "KR"
},
"ip": "{IPADDR}"
},
"mmdb": { "organization": "SK Broadband", "isp": "SK Broadband" }
}
TO-BE
{
"lite2_city": {
"geo": {
"region_iso_code": "KR-11",
"city_name": "Songpa-gu",
"country_iso_code": "KR",
"timezone": "Asia/Seoul",
"country_name": "South Korea",
"continent_code": "AS",
"location": { "lon": 0.0, "lat": 0.0 },
"region_name": "Seoul",
"postal_code": "055"
},
"ip_traits": { "network": "0.0.0.0/20" }, // add
"ip": "0.0.0.0"
},
"country": {
"geo": {
"country_name": "South Korea",
"continent_name": "Asia",
"country_iso_code": "KR"
},
"ip": "0.0.0.0"
},
"lite2_asn": {
"as": { "number": 9318, "organization": { "name": "SK Broadband Co Ltd" } },
"ip": "0.0.0.0"
},
"anonymous_ip": {
"ip_traits": {
"tor_exit_node": false,
"public_proxy": false,
"anonymous_vpn": false,
"residential_proxy": false,
"anonymous": false,
"hosting_provider": false,
"network": "0.0.0.0/16" // add
}
},
"city": {
"geo": {
"region_iso_code": "KR-11",
"city_name": "Gwangjin-gu",
"country_iso_code": "KR",
"timezone": "Asia/Seoul",
"country_name": "South Korea",
"continent_code": "AS",
"location": { "lon": 0.0, "lat": 0.0 },
"region_name": "Seoul",
"postal_code": "050"
},
"ip_traits": { "network": "0.0.0.0/24" },
"ip": "0.0.0.0"
},
"domain": { "domain": null },
"isp": {
"as": { "number": 9318, "organization": { "name": "SK Broadband Co Ltd" } },
"mmdb": { "organization": "SK Broadband", "isp": "SK Broadband" },
"ip_traits": { "network": "0.0.0.0/24" }, // add
"ip": "0.0.0.0"
},
"lite2_country": {
"geo": {
"country_name": "South Korea",
"continent_name": "Asia",
"country_iso_code": "KR"
},
"ip": "0.0.0.0"
}
}
❌ Author of the following commits did not sign a Contributor Agreement: 6985f1885caa6d5b33b307798cb6f21e4a482ed3
Please, read and sign the above mentioned agreement if you want to contribute to this project
![cla-checker-service[bot] avatar](https://avatars.githubusercontent.com/u/6764390?v=4 "Published by a pub.dev verified publisher"){kind=small}