No hosts list or country distribution showing #60
Comments
|
Hi, to make sure I understand, you generally get data in Kibana but the Hosts panel is empty? A common issue is that we only display arrows between known hosts (hosts running the agent). Please check whether the values for both Another thing you could try is to add another "force" panel in which you use the
See also issue #56. |
|
That's correct. I figured out that I need the GoIP library installed to get src_country, though I haven't figured out where to actually get that library and there doesn't seem to be any info in the docs on that, other than a mention that it's necessary. Any more information available on that? |
|
Ah, good point. On RPM based distros, do: and on debian based repos: Please make sure you have the latest version of the agent (0.3.2), because prior versions were not able to follow links when reading the geoip DB files. We'll update the documentation, thanks for pointing out the issue. |
|
Looks like geoip-database is installed on both my packetbeat server as well as my one client. Is there any troubleshooting I might perform to make sure it's working as it's supposed to? |
|
Please check that:
|
|
that file exists where the agent is running. |
|
Hmm, that's strange. If you copy one of the IP addresses from |
|
Ah. The solution presents itself. I am using an AWS load balancer. The src_ip is a 10.x.x.x address and therefore never gets looked up. Any way to make the map use the x-forwarded-for? |
|
Not at the moment, unfortunately, because x-forwarded-for doesn't get it's own field. We'll either add it to the list of exported headers or, better, make the list of exported headers configurable. |
|
Hello, I'm having a similar problem. All my transactions has the location "0.000000, 0.000000". I installed the GeoIP library and checked Packetbeat running in debug mode, everything appears to be fine. Any tricks? Thank you very much,
|
|
This is still broken in the latest beta2 for me. |
|
@mingfang (or @gabrielrcouto), what OS are you running and what GeoIP package did you installed. From what we know, this is working correctly for most people. |
|
I'm running my agent inside Docker https://github.com/mingfang/docker-packetbeat-agent I'm getting client_ip but no client_location. |
|
I looked at @mingfang's docker container. It installs the geoip-database package which contains the GeoLite Country database that will only return country names and not latitude/longitude values. The libbeat publisher requires that latitude and longitude be non-zero before it will insert the If you install the GeoLite City database then you should get latitude and longitude values and therefore have Try this in your container and you should start getting back locations. We should update the project documentation to inform users they should use the GeoLite City database. The defaults in geolite.go should also be changed to point to GeoLiteCity.dat rather than GeoIP.data. |
|
Yes, it works! |
|
Thanks @andrewkroh and @mingfang! I'll add this to the docs. |
|
Thank you very much @andrewkroh, I followed your instructions and now the location resolution is working on my Ubuntu Server installation. |
Encrypted token changed when we changed the projects in appveyor
Addition for jenkins to install docker-compose
Addition for jenkins to install docker-compose
* Disable low value linters. See related discussion in elastic#31683 * Fix new lint errors.
used the deploy script with ansible, had to tinker a bit because of my own issues, but I am not getting any results in the traffic distribution or the hosts list. Can you advise why that might be? Thanks!
The text was updated successfully, but these errors were encountered: