Clarify the doc about database auto-update

Question

Clarify the doc about database auto-update

kaisecheng opened this issue 3 years ago · 4 comments

Users have questions regarding the disabling auto-update and the consequence of not having a fresh database.

Is the 30 day freshness check tied to the auto-update functionality only or is it something the plugin itself will enforce? ie if you use default OR a custom endpoint, the autoupdate functionality will be enabled and enforce freshness and disable geo enrichment if not fresh. With specifying a different database path that you instead manually update yourself, the freshness check then is disabled and you instead would be enriching based on old geoip database data rather than losing the functionality all together as with the autoupdater?

Please review the doc https://www.elastic.co/guide/en/logstash/7.15/plugins-filters-geoip.html and clarify the confusion

Answer 1 · 2021-10-18T15:26:49.000Z

@geekpete you are more than welcome to provide feedback on the doc. Which part is confusing or needs to improve?

Answer 2 · 2021-10-19T09:02:39.000Z

airgap setup works with Logstash v7.15.1+. User updates geoip plugin version in Logstash v7.14.1 and lose the direction.
Should we mention the minimum version in the doc?

Answer 3 · 2021-10-21T08:45:02.000Z

https://www.elastic.co/guide/en/logstash/current/plugins-filters-geoip.html#plugins-filters-geoip-database_auto

In air-gapped environments, Logstash can use CC license databases indefinitely

This is not accurate to describe the purpose of air-gapped. Proxy endpoint can provide CC/ EULA database to satisfy the freshness check. User has responsible to keep EULA database in proxy endpoint up-to-date

Answer 4 · 2021-10-21T09:58:23.000Z

The doc miss "CC database can use indefinitely if update never works"