Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Understanding Apache Lucene - More than just full-text search

0

140

Elasticsearch: From Keyword Search To Data Science

0

200

Evolving Search at an ecommerce marketplace

0

250

The new generation of data stores

0

300

Search Evolution - Keeping up with the hype?

0

420

Mirror mirror... what am I typing next?

0

520

The New Generation of Data Stores

0

280

Elasticsearch: Distributed Search Under the Hood

0

180

Working distributed - but how?

0

250

Other Decks in Technology

See All in Technology

AI時代のシステム開発者の仕事_20260328

0

310

Cursor Subagentsはいいぞ

2

120

TUNA Camp 2026 京都Stage ヒューリスティックアルゴリズム入門

0

630

互換性のある（らしい）DBへの移行など考えるにあたってたいへんざっくり

PRO

0

350

SaaSに宿る21g

2

180

「活動」は激変する。「ベース」は変わらない～ 4つの軸で捉える_AI時代ソフトウェア開発マネジメント

0

130

MIX AUDIO EN BROADCAST

0

130

AIエージェント勉強会第3回エージェンティックAIの時代がやってきた

0

170

SSoT（Single Source of Truth）で「壊して再生」する設計

2

400

Zephyr(RTOS)でOpenPLCを実装してみた

0

160

AIエージェント時代に必要なオペレーションマネージャーのロールとは

0

230

Sansanの認証基盤を支えるアーキテクチャとその振り返り

PRO

1

120

Featured

See All Featured

XXLCSS - How to scale CSS and keep your sanity

249

1.3M

SEO in 2025: How to Prepare for the Future of Search

3

3.4k

The Curse of the Amulet

1

11k

"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)

231

22k

How to Ace a Technical Interview

281

24k

Abbi's Birthday

2

6k

Keith and Marios Guide to Fast Websites

413

23k

How to Align SEO within the Product Triangle To Get  Buy-In & Support - #RIMC

1

1.5k

Getting science done with accelerated Python computing platforms

2

160

Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster

0

910

The AI Revolution Will Not Be Monopolized: How open-source beats economies of scale, even for LLMs

PRO

3

3.2k

Leveraging Curiosity to Care for An Aging Population

1

200

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion