[Community]: GeoIP missing SET geo.location processor

### What documentation page is affected

The GeoIP processor link misses the SET processor which is necessary for custom datasets.  Without this users are left with 2 distinct fields (*.lat & *.lon).

[GeoIP Processor](https://www.elastic.co/docs/reference/beats/filebeat/filebeat-geoip)

### What change would you like to see?

Add a set processor so folks will know how to apply, and a link to the mapping necessary for the field:  [geo-point mapping](https://www.elastic.co/docs/reference/elasticsearch/mapping-reference/geo-point)

`{
      "geoip": {
        "ignore_failure": true,
        "field": "threat.indicator.ip",
        "target_field": "threat.indicator.geo"
      }
    },
    {
      "set": {
        "ignore_failure": true,
        "field": "threat.indicator.geo.location",
        "value": "{{threat.indicator.geo.location.lat}}, {{threat.indicator.geo.location.lon}}"
      }
    }`

### Additional info

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Community]: GeoIP missing SET geo.location processor #1474

What documentation page is affected

What change would you like to see?

Additional info

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[Community]: GeoIP missing SET geo.location processor #1474

Description

What documentation page is affected

What change would you like to see?

Additional info

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions