Map widget plugin

davidoff · 2017-02-28 11:36:46 UTC

Hi, ive installed graylog 2.2 from repo with map widget plugin. so it doesnt work. I do everything that was written in manual. In messages i have field “ip”, but doesn`t have ip_geolocation. Could the reason is that in “ip” field on test env is like 172.16.0.2 ?

Some configs:

Enabled:yes
Database type: City database
Database path: /opt/graylog-geo/GeoLite2-City.mmdb

Message Processors Configuration
The following message processors are executed in order. Disabled processors will be skipped.

Processor Status
1 Pipeline Processor active
2 Message Filter Chain active
3 GeoIP Resolver active

ls -l /opt/graylog-geo/GeoLite2-City.mmdb
-rw-r–r-- 1 graylog graylog 51575973 фев 8 06:00 /opt/graylog-geo/GeoLite2-City.mmdb

Can you help me ?

jochen · 2017-02-28 13:10:45 UTC

What exactly did you install? The Map Widget plugin is being shipped with Graylog itself.

davidoff · 2017-02-28 13:30:17 UTC

yep, i mean that i have installed correct version

ls -l /usr/share/graylog-server/plugin/
итого 19204
-rw-r–r-- 1 root root 499210 фев 20 17:07 graylog-plugin-anonymous-usage-statistics-2.2.1.jar
-rw-r–r-- 1 root root 27030 фев 20 17:07 graylog-plugin-beats-2.2.1.jar
-rw-r–r-- 1 root root 2935745 фев 20 17:07 graylog-plugin-collector-2.2.1.jar
-rw-r–r-- 1 root root 4132492 фев 20 17:07 graylog-plugin-enterprise-integration-2.2.1.jar
-rw-r–r-- 1 root root 6483651 фев 20 17:07 graylog-plugin-map-widget-2.2.1.jar
-rw-r–r-- 1 root root 5581585 фев 20 17:07 graylog-plugin-pipeline-processor-2.2.1.jar

jochen · 2017-02-28 14:12:07 UTC

Yes, IP addresses from a private IP range (see RFC 1918) will obviously not yield geo coordinates via Maxmind GeoIP.

jan · 2017-03-01 07:51:47 UTC

Additional @davidoff you should check the processing order of plugins - the geo-ip should be the latest.