Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

240

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

220

The new generation of data stores

0

270

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

490

The New Generation of Data Stores

0

260

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

220

Implementing a custom aws lambda runtime using Crystal

0

800

Other Decks in Technology

See All in Technology

不確実性に備える ABEMA の信頼性設計とオブザーバビリティ基盤

4

7.9k

Dev Containers と Skaffold で実現するクラウドネイティブ開発環境ローカルのみという制約に挑む / Cloud-Native Development with Dev Containers and Skaffold: Tackling the Local-Only Constraint

PRO

0

140

AI エージェント活用のベストプラクティスと今後の課題

2

310

マルチドライブアーキテクチャ: 複数の駆動力でプロダクトを前進させる

0

11k

プロダクト負債と歩む持続可能なサービスを育てるための挑戦

PRO

1

1k

なぜブラウザで帳票を生成したいのか　どのようにブラウザで帳票を生成するのか

1

210

変わるもの、変わらないもの：OSSアーキテクチャで実現する持続可能なシステム

PRO

0

860

Greenは本当にGreenか？ - B/GデプロイとAPI自動テストで安心デプロイ

1

130

都市スケールAR制作で気をつけること

0

200

ローカルVLM OCRモデル + Gemini 3.0 Proで日本語性能を試す

1

170

持続可能なアクセシビリティ開発

6

330

『星の世界の地図の話: Google Sky MapをAI Agentでよみがえらせる』 - Google Developers DevFest Tokyo 2025

0

350

Featured

See All Featured

How to Think Like a Performance Engineer

28

2.3k

89

9.9k

個人開発の失敗を避けるイケてる考え方 / tips for indie hackers

118

20k

Code Review Best Practice

72

19k

Why You Should Never Use an ORM

PRO

60

9.6k

sergeychernyshev

33

1.3k

VelocityConf: Rendering Performance Case Studies

333

24k

No one is an island. Learnings from fostering a developers community.

21

3.5k

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

34

2.3k

Learning to Love Humans: Emotional Interface Design

274

41k

How GitHub (no longer) Works

315

140k

The Web Performance Landscape in 2024 [PerfNow 2024]

11

940

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion