Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

260

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

200

Evolving Search at an ecommerce marketplace

0

230

The new generation of data stores

0

290

Search Evolution - Keeping up with the hype?

0

410

Mirror mirror... what am I typing next?

0

510

The New Generation of Data Stores

0

270

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

230

Implementing a custom aws lambda runtime using Crystal

0

860

Other Decks in Technology

See All in Technology

データの整合性を保ちたいだけなんだ

8

3.1k

SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026

6

2.3k

Introduction to Sansan, inc / Sansan Global Development Center, Inc.

PRO

0

3k

名刺メーカーDevグループ紹介資料

PRO

0

1k

Kiro IDEのドキュメントを全部読んだので地味だけどちょっと嬉しい機能を紹介する

0

180

FinTech SREのAWSサービス活用/Leveraging AWS Services in FinTech SRE

0

130

Data Hubグループ紹介資料

PRO

0

2.7k

Cosmos World Foundation Model Platform for Physical AI

0

870

会社紹介資料 / Sansan Company Profile

PRO

15

400k

10Xにおける品質保証活動の全体像と改善 #no_more_wait_for_test

PRO

2

240

変化するコーディングエージェントとの現実的な付き合い方〜Cursor安定択説と、ツールに依存しない「資産」〜

4

1.4k

SREが向き合う大規模リアーキテクチャ〜信頼性とアジリティの両立〜

0

440

Featured

See All Featured

Joys of Absence: A Defence of Solitary Play

1

290

Documentation Writing (for coders)

77

5.3k

CoffeeScript is Beautiful & I Never Want to Write Plain JavaScript Again

162

16k

The innovator’s Mindset -  Leading Through an Era of Exponential Change - McGill University 2025

PRO

1

90

0

450

How to Align SEO within the Product Triangle To Get  Buy-In & Support - #RIMC

1

1.4k

JavaScript: Past, Present, and Future - NDC Porto 2020

52

5.8k

Why Your Marketing Sucks and What You Can Do About It - Sophie Logan

0

74

Put a Button on it: Removing Barriers to Going Fast.

60

4.2k

The Straight Up "How To Draw Better" Workshop

239

140k

Why Mistakes Are the Best Teachers: Turning Failure into a Pathway for Growth

0

51

Ethics towards AI in product and experience design

2

190

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion