View geospatial data on Kibana
Question
In elasticsearch I memorized a series of documents having the following structure:
{
"_index": "logstash-2018.05.10",
"_type": "doc",
"_id": "VM-QSWMBq8te9tFe-bcj",
"_version": 1,
"_score": null,
"_source": {
"location": {
"lat": 42,
"lon": 12.5
},
"@timestamp": "2018-05-10T10:20:24.988Z",
"port": 53950,
"tags": [
"geoinfo"
],
"host": "gateway",
"@version": "1",
"message": "{\"@version\":1,\"level\":\"INFO\",\"logger_name\":\"it.test.elk.ELKTestApplication\",\"appName\":\"docker-elk-master\",\"thread_name\":\"main\",\"message\":\"LAT: 42, LON: 12.5\"}\r",
"type": "java"
},
"fields": {
"@timestamp": [
"2018-05-10T10:20:24.988Z"
]
},
"sort": [
1525947624988
]
}
The corresponding index is this (I only show a small part):
{
"logstash-2018.05.10": {
"aliases": {},
"mappings": {
"doc": {
...
"properties": {
...
"geoip": {
"dynamic": "true",
"properties": {
"ip": {
"type": "ip"
},
"latitude": {
"type": "half_float"
},
"location": {
"type": "geo_point"
},
"longitude": {
"type": "half_float"
}
}
},
...
"location": {
"properties": {
"lat": {
"type": "float"
},
"lon": {
"type": "float"
}
}
},
...
}
}
},
...
}
}
}
On Kibana -> Coordinates Map, I tried to show the geospatial information contained in the location field, but nothing is seen. Maybe location should be a geo_point?
Where am I wrong?
1 answers
solution1
0 2018-05-11 16:16:45
In the Discover view, if the field appears with a ? next to it (or it doesn't have a globe next to it), it means that Kibana doesn't know it's a geo_point (even if Elasticsearch does). To fix that, you need to go into kibana index settings (for logstash-* ) and hit the refresh button.
After you've hit reload, type location into the search box on the index definition screen and make sure it shows up as a geo_point .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.