Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

250

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

220

The new generation of data stores

0

280

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

490

The New Generation of Data Stores

0

260

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

230

Implementing a custom aws lambda runtime using Crystal

0

830

Other Decks in Technology

See All in Technology

生成AI時代の自動E2Eテスト運用とPlaywright実践知_引持力哉

legalontechnologies

PRO

0

210

ブロックテーマとこれからの WordPress サイト制作 / Toyama WordPress Meetup Vol.81

0

510

学習データって増やせばいいんですか？

1

250

Edge AI Performance on Zephyr Pico vs. Pico 2

0

110

法人支出管理領域におけるソフトウェアアーキテクチャに基づいたテスト戦略の実践

1

210

[デモです] NotebookLM で作ったスライドの例

0

100

生成AI・AIエージェント時代、データサイエンティストは何をする人なのか？そして、今学生であるあなたは何を学ぶべきか？

2

2.1k

Playwright x GitHub Actionsで実現する「レビューしやすい」E2Eテストレポート

0

410

【pmconf2025】PdMの「責任感」がチームを弱くする？「分業型」から全員がユーザー価値に本気で向き合う「共創型開発チーム」への変遷

toshimasa012345

0

270

今年のデータ・ML系アップデートと気になるアプデのご紹介

1

140

Playwrightのソースコードに見る、自動テストを自動で書く技術

13

5k

【AWS re:Invent 2025速報】AIビルダー向けアップデートをまとめて解説！

4

470

Featured

See All Featured

Large-scale JavaScript Application Architecture

515

110k

Dealing with People You Can't Stand - Big Design 2015

367

27k

Embracing the Ebb and Flow

88

4.9k

Git: the NoSQL Database

PRO

432

66k

The World Runs on Bad Software

PRO

72

12k

個人開発の失敗を避けるイケてる考え方 / tips for indie hackers

121

20k

Building Flexible Design Systems

yeseniaperezcruz

330

39k

Designing for Performance

610

69k

Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure

48

9.8k

What’s in a name? Adding method to the madness

productmarketing

PRO

24

3.8k

Building a Scalable Design System with Sketch

463

34k

Optimising Largest Contentful Paint

37

3.5k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion