Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

240

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

220

The new generation of data stores

0

270

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

490

The New Generation of Data Stores

0

260

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

220

Implementing a custom aws lambda runtime using Crystal

0

800

Other Decks in Technology

See All in Technology

AI開発の定着を推進するために揃えるべき前提

1

440

Introduction to Bill One Development Engineer

PRO

0

320

ローカルLLM基礎知識 / local LLM basics 2025

25

11k

mablでリグレッションテストをデイリー実行するまで #mablExperience

0

440

PostgreSQL で列データ”ファイル”を利用する　～Arrow/Parquet を統合したデータベースの作成～

0

180

事業状況で変化する最適解。進化し続ける開発組織とアーキテクチャ

1

8.9k

Excelデータ分析で学ぶディメンショナルモデリング～アジャイルデータモデリングへ向けて～ by @Kazaneya_PR / 20251126

PRO

3

680

名刺メーカーDevグループ紹介資料

PRO

0

970

【ASW21-02】STAMP/CAST分析における生成AIの支援～羽田空港航空機衝突事故を題材として（Support of Generative AI in STAMP/CAST Analysis - A Case Study Based on the Haneda Airport Aircraft Accident -）

1

340

履歴テーブル、今回はこう作りました〜 Delegated Types編〜 / How We Built Our History Table This Time — With Delegated Types

12

7.4k

巨大モノリスのリプレイス──機能整理とハイブリッドアーキテクチャで挑んだ再構築戦略

PRO

0

400

都市スケールAR制作で気をつけること

0

210

Featured

See All Featured

What’s in a name? Adding method to the madness

productmarketing

PRO

24

3.8k

Making Projects Easy

120

6.5k

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

127

54k

Build your cross-platform service in a week with App Engine

234

18k

How GitHub (no longer) Works

316

140k

The Straight Up "How To Draw Better" Workshop

239

140k

StorybookのUI Testing Handbookを読んだ

31

6.4k

It's Worth the Effort

187

29k

The Pragmatic Product Professional

36

7k

"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)

231

22k

Fantastic passwords and where to find them - at NoRuKo

52

3.5k

Easily Structure & Communicate Ideas using Wireframe

194

17k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion