Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Understanding Apache Lucene - More than just full-text search

0

170

Elasticsearch: From Keyword Search To Data Science

0

210

Evolving Search at an ecommerce marketplace

0

250

The new generation of data stores

0

320

Search Evolution - Keeping up with the hype?

0

430

Mirror mirror... what am I typing next?

0

530

The New Generation of Data Stores

0

290

Elasticsearch: Distributed Search Under the Hood

0

190

Working distributed - but how?

0

250

Other Decks in Technology

See All in Technology

ServiceによるKubernetes通信制御ーClusterIPを例に

1

160

Oracle AI Database@Google Cloud：サービス概要のご紹介

oracle4engineer

PRO

6

1.4k

"うちにはまだ早い"は本当？ ─ 小さく始めるPlatform Engineering入門

6

520

マンション備え付けのネットワークとLTE回線を組み合わせたネットワークの安定化の考案

1

120

拝啓、あの夏の僕へ〜あなたも知っているApp Runnerの世界〜

0

240

AIの揺らぎに“コシ”を与える階層化品質設計

0

270

Digital Independence: Why, When and How

0

310

Forget technical debt

0

190

AI 時代の Platform Engineering

recruitengineers

PRO

1

160

変化の激しい時代をゴキゲンに生き抜くために〜ストレスマネジメントのススメ〜

PRO

5

1.3k

ワールドカフェ再び、そしてゴール・ルール・ロール・ツール / World Café Revisited, and the Goals-Rules-Roles-Tools

PRO

0

150

Purview Endpoint DLP 動かしてみた

0

360

Featured

See All Featured

How to Build an AI Search Optimization Roadmap - Criteria and Steps to Take #SEOIRL

1

2k

End of SEO as We Know It (SMX Advanced Version)

3

4.2k

Claude Code のすすめ

67

220k

Discover your Explorer Soul

2

1.1k

Designing Experiences People Love

143

24k

[SF Ruby Conf 2025] Rails X

2

1k

Chasing Engaging Ingredients in Design

0

190

Java REST API Framework Comparison - PWX 2021

34

9.3k

The Language of Interfaces

162

26k

How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.

0

110

It's Worth the Effort

188

29k

The #1 spot is gone: here's how to win anyway

tamaranovitovic

2

1k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion