Whether you are just starting your observability journey or already are an expert, our courses will help advance your knowledge and practical skills.
Expert insight, best practices and information on everything related to Observability issues, trends and solutions.
Explore our guides on a broad range of observability related topics.
Many of the logs generated by our customers include IP information. The Coralogix Geo Enrichment enables you to automatically add IP based geographical information to your logs in the form of new fields that can be queried, visualized, and reported on.
Some of these fields are:
The Country name, City name, Continent name, postal_code, and location geo_point.
Look at the example below. I have marked the fields that have been added once the enrichment was added.
To get started, simply navigate to the Data Flow menu, click on Data Enrichment and scroll to the Geo Enrichment section. In this section, you can define the fields in your logs that contain the IP fields that you would like to enrich with Geo information.
If you don’t have your IP fields set, or your data isn’t in JSON formatted, you can use Coralogix’s Rules Engine to extract the IP addresses found in your log records using the “Extract” or “Parse” rules.
Once you define the IP field, Coralogix will add geographical information to the logs based on the selected fields.
Note that these fields won’t be added if the enrichment DB does not have the queried IP.
You can see that the object clientIp_geoip was added to the log and it includes geographical information based on the IP address found in the field Ip. These added fields can now be queried and used to generate visualizations and alerts.