Create worldmap or Geomap with Loki Geoip

Grafana Dashboards
, ,
1

Hello ,
I am using Promtail to ingest Loki some OpenVpn from syslog-ng to Loki
i am using GeoIP stages as following

      - match:
          selector: '{job="syslog"}'
          stages:
            - regex:
                expression: '^(?P<time>\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}.\d{6}\+\d{2}:\d{2})\s(?P<source_fw>.+?)\s(?P<auth_source>.+?)\s(\d+?)\s-\s-\s(?P<user_name>.+?)\/(?P<client_ip>[\d.]+):\d+\speer\sinfo\:\sIV_VER=\d\..+'
            - geoip:
                db: "/siem_folder/promtail/GeoLite2-City.mmdb"
                source: client_ip
                db_type: "city"

The fields are looks as follows below in Grfana (Grafana v9.5.2) , i am trying to set worldmap or a geomap panel for username world connection but i cant set the it correctly

sum by (geoip_country_name) (count_over_time({job="syslog",user_name!=""} | json | geoip_country_name != "" [5m]))

in the panel settings i got

Country Code (not found)

Any idea how i should set it correctly ,
Please advice
Thanks

2023-06-04_13h17_46
2023-06-04_13h17_46512×543 34.6 KB

2

Use long lat, by choosing coordinates tab of markers property

Screenshot_20230604-044811_Chrome
Screenshot_20230604-044811_Chrome1080×2220 136 KB

1 Like
3

Thanks for the answer , but when i try to set as you instruct me i have following issue
2023-06-04_16h14_31
i assume the the Lat and lon are written in text , i don’t know how to convert them to float
any idea?
Thanks

4

Transform tab rhe covert to numeric

1 Like
5

Thank you, but sorry i am kind of newbie with those topic can explain please in more details Transform tab rhe covert to numeric << should i use template in stages for that?
Thanks

7

Thank you very much
Its works :slight_smile:
Thanks again

1 Like