Mapping an IP field
Elasticsearch is used in a lot of systems to collect and search logs such as Kibana (https://www.elastic.co/products/kibana) and LogStash (https://www.elastic.co/products/logstash). To improve search in these scenarios, it provides the IPv4 and IPv6 type that can be used to store IP address in an optimized way.
Getting ready
You need an up-and-running Elasticsearch installation as we described in the Downloading and installing Elasticsearch recipe in Chapter 2, Downloading and Setup.
How to do it...
You need to define the type of the field that contains IP address as ip
as follows:
Using the preceding order example, we can extend it adding the customer IP with:
"customer_ip": { "type": "ip", "store": "yes" }
The IP must be in the standard point notation form, that is:
"customer_ip":"19.18.200.201"
How it works...
When Elasticsearch is processing a document, if a field is an IP one, it tries to convert its value to a numerical form and generate...