TUTORIALS

Create geo based queries, visualizations and reports using Geo Enrichment

Many of the logs generated by our customers include IP information. The Coralogix Geo Enrichment enables you to automatically add IP based geographical information to your logs in the form of new fields that can be queried, visualized, and reported on.

To get started, simply navigate to the ROI Tab,  click on “Enrich” and scroll to the “Geo Enrichment” section. In this section, you can define the fields in your logs that contain the IP fields that you would like to enrich with Geoinformation.

If you don’t have your IP fields set, or your data isn’t in JSON formatted, you can use Coralogix’s Rules Engine to extract the IP addresses found in your log records using the “Extract” or “Parse” rules.

Once you define the IP field, Coralogix will add geographical information to the logs based on the selected fields. This is a log with the field IpAddress:

This is the same log after IpAddress was defined as the field for Geo Enrichment:

You can see that the object event_data_IpAddress_geoip was added to the log and it includes geographical information based on the IP address found in the field IpAddress. These added fields can now be queried and used to generate visualizations and alerts (including ‘Coordinate map’ type Kibana visualizations).

Geo Enrichment is currently opened for a limited number of users. Do you want to join the group? Shoot us an email at [email protected] or chat with us 🙂

Start solving your production issues faster

Let's talk about how Coralogix can help you better understand your logs

Managed, Scaled and Compliant ELK Stack

No credit card required

Get a personalized demo

Jump on a call with one of our experts and get a live personalized demonstration