aljaz/cowrie
1
0
Fork 0
mirror of https://github.com/aljazceru/cowrie.git synced 2026-01-29 19:14:22 +01:00
Code Issues Packages Projects Releases Wiki Activity

add ASN numbers to logstash output

Browse Source
This commit is contained in:
Michel Oosterhof
2014-11-18 10:40:29 +00:00
parent 428c27d3c3
commit 53ba93acd0
1 changed files with 6 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
utils/logstash-kippo.conf
View File

@@ -31,6 +31,12 @@ filter {
add_field => [ "[geoip][coordinates]", "%{[geoip][longitude]}" ]
add_field => [ "[geoip][coordinates]", "%{[geoip][latitude]}" ]
}
geoip {
source => "src_ip"
database => "/opt/logstash/vendor/geoip/GeoIPASNum.dat"
}
mutate {
convert => [ "[geoip][coordinates]", "float" ]
}