Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

240

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

170

Evolving Search at an ecommerce marketplace

0

190

The new generation of data stores

0

260

Search Evolution - Keeping up with the hype?

0

390

Mirror mirror... what am I typing next?

0

480

The New Generation of Data Stores

0

240

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

210

Implementing a custom aws lambda runtime using Crystal

0

770

Other Decks in Technology

See All in Technology

S3アクセス制御の設計ポイント

3

210

「その開発、認知負荷高すぎませんか？」Platform Engineeringで始める開発者体験カイゼン術

PRO

2

1k

Claude Code でアプリ開発をオートパイロットにするためのTips集 Zennの場合 / Claude Code Tips in Zenn

5

2.5k

Oracle Cloud Infrastructure IaaS 新機能アップデート 2025/06 - 2025/08

oracle4engineer

PRO

0

120

Django's GeneratedField by example - DjangoCon US 2025

0

160

Wantedlyの開発組織における生成AIの浸透プロジェクトについて

2

120

2025/09/16 仕様駆動開発とAI-DLCが導くAI駆動開発の新フェーズ

masahiro_okamura

0

140

AIエージェントで90秒の広告動画を制作！台本・音声・映像・編集をつなぐAWS最新アーキテクチャの実践

3

380

MagicPod導入から半年、オープンロジQAチームで実際にやったこと

0

110

初めてAWSを使うときのセキュリティ覚書〜初心者支部編〜

1

290

AIがコード書きすぎ問題にはAIで立ち向かえ

1

790

今日から始めるAWSセキュリティ対策 3ステップでわかる実践ガイド

yoshidatakeshi1994

0

130

Featured

See All Featured

JavaScript: Past, Present, and Future - NDC Porto 2020

52

5.6k

For a Future-Friendly Web

180

9.9k

Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End

252

21k

RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub

139

34k

Making Projects Easy

117

6.4k

Agile that works and the tools we love

330

21k

Producing Creativity

PRO

347

40k

GitHub's CSS Performance

1032

460k

Embracing the Ebb and Flow

87

4.8k

[RailsConf 2023 Opening Keynote] The Magic of Rails

30

9.7k

Why You Should Never Use an ORM

PRO

59

9.5k

We Have a Design System, Now What?

53

7.8k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion