Duplicate geolocalisation fields

When I start the geolocalisation processor plugin in v4.1 and have the Maxmind database configured, fields get created automatically. Yet the Documentation says that one has to go through the trouble of creating LUTs and e.g. pipeline rules in order to get geolocalisation.

It seems to me that these two ways of configuration can be used independently of one other. Perhaps it could be mentioned in the Docs that one does not need LUTs et al when using the plugin?

Hello && Welcome

I have also followed the documentation for GeoIP but I’m not seeing duplicate fields. Is it posible to show us what your seeing?

Hi,
For the examples below I have from the outset disabled my Geolocalisation LUT by connecting it to an adapter and cache that have nothing to do with geolocalisation so that LUT would error out. My maxmind database is configured.

The Geo-location processor plugin on the Configurations screen is also disabled.

I get this:

image

When I enable the Geo-location processor plugin I immediately start to get this:

image

So the above is being inserted without any LUT or pipeline doing geolocation stuff.

When I do connect the LUT and pipeline I get additional geolocation fields according to my rules, such as:

image

because my rule is like this:

image

Actually, the title I gave is misleading, I am not getting duplicate fields, I am getting double fields when I follow the docs. When I enable the plugin I am also prompted to Read more:

When I follow the link it says

I would think that my example above shows that no additional configuration is needed. The LUT seems to me to be superfluous. Does the LUT way of configuring yield other results than using the Geolocation processor?

Hello,

Thank you for the added info. I tried to duplicate you issue in my lab, but unfortunately I do not have the same results as you do.

Did you just install it or did you make configuration on your own?

Here is mine

rule "GeoIP lookup: src_ip"
when
  has_field("src_ip")
then
let geo = lookup("geoip", to_string($message.src_ip));
set_field("src_ip_geo_location", geo["coordinates"]);
set_field("src_ip_geo_country", geo["country"].iso_code);
set_field("src_ip_geo_city", geo["city"].names.en);
end

I’m not finding any duplicates fields.
I think it was easy to setup like in 5 minutes from the documention. Then I waited for messages to come through. That was it “Copy & Paste”.

Correct me if I’m wrong. So it seems thats you made other configuration/s and when you enabled the pipeline now it creates duplicate fields.

But if you can show what you did or maybe post something here for a that would be great.

Other then that I personally dont have issues with the documentation. But if there is a easier way, I would like to know.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.