Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Understanding Apache Lucene - More than just full-text search

0

180

Elasticsearch: From Keyword Search To Data Science

0

210

Evolving Search at an ecommerce marketplace

0

260

The new generation of data stores

0

320

Search Evolution - Keeping up with the hype?

0

430

Mirror mirror... what am I typing next?

0

540

The New Generation of Data Stores

0

290

Elasticsearch: Distributed Search Under the Hood

0

200

Working distributed - but how?

0

260

Other Decks in Technology

See All in Technology

テストコードのないプロジェクトにテストを根付かせる

0

230

最低限これだけ押さえれ大丈夫_Claude Enterprise/Team企業展開ガバナンス入門

1

550

Dynamic Workersについて

2

480

組織の中で自分を経営する技術

0

230

AI-DLCを活用した高品質・安全なAI駆動開発実践 / AI Driven Development

1

260

OpenID Connectによるサービス間連携

0

140

JJUG CCC 2026 Spring　AI時代の開発こそ標準化を武器に！ ― 方式・プロセス・プラットフォームの標準化

2

630

Fabric-cicd によるAzure DevOps デプロイ

0

150

Javaで学ぶSOLID原則

1

240

基礎から解説！Icebergで紐解くSnowflake×Databricks連携の現在地

0

400

Oracle Cloud Infrastructure：2026年5月度サービス・アップデート

oracle4engineer

PRO

1

270

もりもり新機能を一挙紹介！ AgentCoreに入門して、AWS上にAIエージェントを構築しよう

PRO

5

260

Featured

See All Featured

Navigating the moral maze — ethical principles for Al-driven product design

2

370

0

610

A Guide to Academic Writing Using Generative AI - A Workshop

PRO

1

310

Future Trends and Review - Lecture 12 - Web Technologies (1019888BNR)

PRO

0

3.6k

The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)

PRO

0

340

Darren the Foodie - Storyboard

PRO

3

3.4k

Skip the Path - Find Your Career Trail

1

130

Tips & Tricks on How to Get Your First Job In Tech

1

520

Refactoring Trust on Your Teams (GOTO; Chicago 2020)

35

3.5k

Believing is Seeing

1

130

Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum

0

550

Deep Space Network (abreviated)

0

160

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion