jbsky
IPv6 does not add GeoIP fields - Graylog 5.0 and 5.1
When the message is an IPv4 message, the GeoIP fields for ASN, Country and City are created and added so that you can search on them and display them on the Map. When the message is an IPv6 message, the GeoIP fields are NOT created. I can load the message and test it against the "SourceIP geo-lookup-city " extractor and it shows the city, same for "SourceIP geo-lookup-asn" and the "SourceIP geo-lookup-country" extractors. It just not seem to add them when the messages are being processed.
Hello,
Please provide more technical details about the problem.
From memory, the lookup tables only have IPv4, I don't think IPv6 works, but I could be wrong :).
Regards,
Hi, I am not sure what you are asking for. As I said, if I go to System - Inputs Click on Manage Extractors Edit - SourceIP geo-lookup-city
Load an IPv4 or an IPv6 message and test it, it will show the city
When in Search (for example), if I click an IPv4 message, it will show the City, country etc. If I click an IPv6 message, it does not show those details.