Add Geolocation to Graylog 2

The Graylog Map Widget is the plugin providing geolocation capabilities to Graylog. The plugin is compatible with Graylog 2.0.0 and higher, and it is installed by default, although some configuration is still required on your side. This section explains how to configure the plugin in detail.

In case you need to reinstall the plugin for some reason, you can find it inside the Graylog tarball in our downloads page. Follow the instructions in Installing and loading plugins to install it.

Configure the database

In first place, you need to download a geolocation database. We currently support MaxMind City databases in the MaxMind DB format, as the GeoIP2 City Database or GeoLite2 City Database that MaxMind provides.

The next step is to store the geolocation database in all servers running Graylog. As an example, if you were using the Graylog OVA, you could save the database in the /var/opt/graylog/data folder, along with other data used by Graylog. Make sure you grant the right permissions so the user running Graylog can read the file. Continue reading “Add Geolocation to Graylog 2” »

Share