Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

250

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

230

The new generation of data stores

0

280

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

490

The New Generation of Data Stores

0

260

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

230

Implementing a custom aws lambda runtime using Crystal

0

850

Other Decks in Technology

See All in Technology

CARTAのAI CoE が挑む「事業を進化させる AI エンジニアリング」 / carta ai coe evolution business ai engineering

carta_engineering

0

2k

MySQLとPostgreSQLのコレーション / Collation of MySQL and PostgreSQL

1

1k

シニアソフトウェアエンジニアになるためには

PRO

3

190

AI時代のワークフロー設計〜Durable Functions / Step Functions / Strands Agents を添えて〜

3

920

初めてのDatabricks AI/BI Genie

0

210

ActiveJobUpdates

1

140

Oracle Cloud Infrastructure IaaS 新機能アップデート 2025/09 - 2025/11

oracle4engineer

PRO

0

170

Haskell を武器にして挑む競技プログラミング ─ 操作的思考から意味モデル思考へ

7

1.6k

寫了幾年 Code，然後呢？軟體工程師必須重新認識的 DevOps

1

1.5k

mairuでつくるクレデンシャルレス開発環境 / Credential-less development environment using Mailru

5

550

子育てで想像してなかった「見えないダメージ」 / Unforeseen "hidden burdens" of raising children.

2

300

AlmaLinux + KVM + Cockpit で始めるお手軽仮想化基盤～開発環境などでの利用を想定して～

0

120

Featured

See All Featured

How to audit for AI Accessibility on your Front & Back End

0

120

Are puppies a ranking factor?

0

2.3k

A Tale of Four Properties

162

23k

Refactoring Trust on Your Teams (GOTO; Chicago 2020)

35

3.3k

How to Think Like a Performance Engineer

28

2.4k

Testing 201, or: Great Expectations

46

7.8k

Jess Joyce - The Pitfalls of Following Frameworks

PRO

1

20

ReactJS: Keep Simple. Everything can be a component!

666

130k

Design and Strategy: How to Deal with People Who Don’t "Get" Design

132

19k

More Than Pixels: Becoming A User Experience Designer

2

250

Sam Torres - BigQuery for SEOs

PRO

0

130

CSS Pre-Processors: Stylus, Less & Sass

359

30k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion