Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

230

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

160

Evolving Search at an ecommerce marketplace

0

180

The new generation of data stores

0

260

Search Evolution - Keeping up with the hype?

0

380

Mirror mirror... what am I typing next?

0

480

The New Generation of Data Stores

0

240

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

210

Implementing a custom aws lambda runtime using Crystal

0

770

Other Decks in Technology

See All in Technology

信頼できる開発プラットフォームをどう作るか？-Governance as Codeと継続的監視／フィードバックが導くPlatform Engineeringの進め方

1

220

[OCI Technical Deep Dive] OracleのAI戦略(2025年8月5日開催)

oracle4engineer

PRO

1

250

Mackerel in さくらのクラウド

1

340

Observability for LLM Application lifecycle

ivry_presentationmaterials

1

160

はじめての転職講座/The Guide of First Career Change

5

4.5k

薬屋のひとりごとにみるトラブルシューティング

0

390

【OptimizationNight】数理最適化のラストワンマイルとしてのUIUX

2

560

o11yツールを乗り換えた話

2

1.7k

Exadata Database Service on Dedicated Infrastructure セキュリティ、ネットワーク、および管理について

oracle4engineer

PRO

1

330

[OCI Technical Deep Dive] OCIで生成AIを活用するためのソリューション解説(2025年8月5日開催)

oracle4engineer

PRO

0

130

Android Studio の新しいAI機能を試してみよう / Try out the new AI features in Android Studio

0

120

会社にデータエンジニアがいることでできるようになること

8

1.2k

Featured

See All Featured

Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything

31

2.5k

Fashionably flexible responsive web design (full day workshop)

407

66k

Fantastic passwords and where to find them - at NoRuKo

51

3.4k

Intergalactic Javascript Robots from Outer Space

272

27k

Gamification - CAS2011

81

5.4k

Evolution of real-time – Irina Nazarova, EuRuKo, 2024

8

890

Helping Users Find Their Own Way: Creating Modern Search Experiences

29

2.8k

Keith and Marios Guide to Fast Websites

411

22k

JavaScript: Past, Present, and Future - NDC Porto 2020

50

5.5k

Being A Developer After 40

90

590k

Building Applications with DynamoDB

96

6.6k

Designing Dashboards & Data Visualisations in Web Apps

231

53k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion