How to Set Up Graylog GeoIP Configuration
Gathering logs that contain IP addresses are quite common across your infrastructure. Your firewalls, web servers, wireless infrastructure and endpoints can contain IP addresses outside your organization. Having additional data on those logs that gives you the Geolocation of the IP address helps in your investigations and understanding of your traffic patterns. For Example, if you can see logs on a World Map, you know if you are communicating to a country you don’t normally talk to.