Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Understanding Apache Lucene - More than just full-text search

0

160

Elasticsearch: From Keyword Search To Data Science

0

210

Evolving Search at an ecommerce marketplace

0

250

The new generation of data stores

0

310

Search Evolution - Keeping up with the hype?

0

420

Mirror mirror... what am I typing next?

0

520

The New Generation of Data Stores

0

290

Elasticsearch: Distributed Search Under the Hood

0

180

Working distributed - but how?

0

250

Other Decks in Technology

See All in Technology

インターネットの技術 / Internet technology

PRO

0

210

エージェントスキルを作って自分のインプットに役立てよう

0

350

EBS暗号化に失敗してEC2が動かなくなった話

2

200

Standards et agents IA : un tour d’horizon de MCP, A2A, ADK et plus encore

0

160

EarthCopilotに学ぶマルチエージェントオーケストレーション

0

290

コードや知識を組み込む / Incorporate Code and Knowledge

PRO

0

150

Digitization部紹介資料

PRO

1

7.3k

The Journey of Box Building

4

2.5k

2026年、知っておくべき最新サーバレスTips10選/serverless-10-tips

13

5.2k

弁護士ドットコム株式会社エンジニア職向け会社紹介資料

1

150

AI バイブコーティングでキーボード不要？！

0

560

All About Sansan – for New Global Engineers

PRO

1

1.4k

Featured

See All Featured

The Curse of the Amulet

1

11k

Git: the NoSQL Database

PRO

432

67k

Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure

49

9.9k

What’s in a name? Adding method to the madness

productmarketing

PRO

24

4k

ラッコキーワードサービス紹介資料

1

3.1M

How to make the Groovebox

2

2.1k

Groundhog Day: Seeking Process in Gaming for Health

0

140

Prompt Engineering for Job Search

0

270

Design of three-dimensional binary manipulators for pick-and-place task avoiding obstacles (IECON2024)

0

400

Automating Front-end Workflow

1370

200k

Crafting Experiences

1

110

Conquering PDFs: document understanding beyond plain text

PRO

4

2.6k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion