Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

240

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

170

Evolving Search at an ecommerce marketplace

0

210

The new generation of data stores

0

270

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

490

The New Generation of Data Stores

0

250

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

220

Implementing a custom aws lambda runtime using Crystal

0

790

Other Decks in Technology

See All in Technology

アウトプットから始めるOSSコントリビューション〜eslint-plugin-vueの場合〜 #vuefes

3

1.9k

現場の壁を乗り越えて、「計装注入」が拓くオブザーバビリティ / Beyond the Field Barriers: Instrumentation Injection and the Future of Observability

PRO

1

700

ざっくり学ぶ『エンジニアリングリーダー技術組織を育てるリーダーシップとセルフマネジメント』 / 50 minute Engineering Leader

6

3.5k

AI機能プロジェクト炎上の 3つのしくじりと学び

0

160

スタートアップの現場で実践しているテストマネジメント #jasst_kyushu

0

140

プロファイルとAIエージェントによる効率的なデバッグ / Effective debugging with profiler and AI assistant

1

560

Okta Identity Governanceで実現する最小権限の原則

0

200

AI駆動で進める依存ライブラリ更新 ─ Vue プロジェクトの品質向上と開発スピード改善の実践録

1

340

GraphRAG グラフDBを使ったLLM生成（自作漫画DBを用いた具体例を用いて）

1

160

AIとの協業で実現！レガシーコードをKotlinらしく生まれ変わらせる実践ガイド

PRO

1

150

Open Table Format (OTF) が必要になった背景とその機能 (2025.10.28)

2

490

CLIPでマルチモーダル画像検索 →とても良い

1

630

Featured

See All Featured

Learning to Love Humans: Emotional Interface Design

274

41k

The Cult of Friendly URLs

79

6.6k

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

34

2.3k

A designer walks into a library…

pauljervisheath

209

24k

Navigating Team Friction

190

15k

Unsuck your backbone

671

58k

Statistics for Hackers

799

220k

Building Better People: How to give real-time feedback that sticks.

370

20k

実際に使うSQLの書き方徹底解説 / pgcon21j-tutorial

PRO

190

55k

[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails

37

2.6k

The Psychology of Web Performance [Beyond Tellerrand 2023]

49

3.1k

150

16k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion