Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Understanding Apache Lucene - More than just full-text search

0

160

Elasticsearch: From Keyword Search To Data Science

0

210

Evolving Search at an ecommerce marketplace

0

250

The new generation of data stores

0

310

Search Evolution - Keeping up with the hype?

0

420

Mirror mirror... what am I typing next?

0

520

The New Generation of Data Stores

0

290

Elasticsearch: Distributed Search Under the Hood

0

180

Working distributed - but how?

0

250

Other Decks in Technology

See All in Technology

マルチプロダクトの信頼性を効率良く保っていくために

PRO

0

160

[OpsJAWS 40]リリースしたら終わり、じゃなかった。セキュリティ空白期間をAWS Security Agentで埋める

3

240

AI時代に増えるデータ活用先

0

230

基盤を育てる外部SaaS連携の運用

gamonges_dresscode

1

120

国内外の生成AIセキュリティの最新動向 & AIガードレール製品「chakoshi」のご紹介 / Latest Trends in Generative AI Security (Domestic & International) & Introduction to AI Guardrail Product "chakoshi"

2

360

自分のハンドルは自分で握れ！ ― 自分のケイパビリティを増やし、メンバーのケイパビリティ獲得を支援する ― / Take the wheel yourself

1

900

EarthCopilotに学ぶマルチエージェントオーケストレーション

0

290

Revisiting [CLS] and Patch Token Interaction in Vision Transformers

0

360

AzureのIaC管理からログ調査まで、随所に役立つSkillsとCustom-Instructions / Boosting IaC and Log Analysis with Skills

0

230

[最強DB講義]推薦システム | 基礎編

PRO

1

170

Do Vibe Coding ao LLM em Produção para Busca Agêntica - TDC 2026 - Summit IA - São Paulo

3

110

Eight Engineering Unit 紹介資料

PRO

3

7.3k

Featured

See All Featured

The Organizational Zoo: Understanding Human Behavior Agility Through Metaphoric Constructive Conversations (based on the works of Arthur Shelley, Ph.D)

PRO

0

310

Being A Developer After 40

91

590k

186

16k

HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy

PRO

0

320

Code Reviewing Like a Champion

528

40k

The Curse of the Amulet

1

11k

技術選定の審美眼（2025年版） / Understanding the Spiral of Technologies 2025 edition

PRO

118

110k

Dealing with People You Can't Stand - Big Design 2015

367

27k

The SEO identity crisis: Don't let AI make you average

0

440

How to Align SEO within the Product Triangle To Get  Buy-In & Support - #RIMC

1

1.5k

How to train your dragon (web standard)

97

6.6k

Practical Orchestrator

191

11k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion