Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

220

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

150

Evolving Search at an ecommerce marketplace

0

170

The new generation of data stores

0

250

Search Evolution - Keeping up with the hype?

0

380

Mirror mirror... what am I typing next?

0

470

The New Generation of Data Stores

0

240

Elasticsearch: Distributed Search Under the Hood

0

160

Working distributed - but how?

0

200

Implementing a custom aws lambda runtime using Crystal

0

750

Other Decks in Technology

See All in Technology

Yamla: Rustでつくるリアルタイム性を追求した機械学習基盤 / Yamla: A Rust-Based Machine Learning Platform Pursuing Real-Time Capabilities

4

220

Tech-Verse 2025 Keynote

0

1.7k

事業成長の裏側：エンジニア組織と開発生産性の進化 / 20250703 Rinto Ikenoue

2

18k

20250705 Headlamp: 專注可擴展性的 Kubernetes 用戶界面

0

200

マーケットプレイス版Oracle WebCenter Content For OCI

oracle4engineer

3

950

生まれ変わった AWS Security Hub (Preview) を紹介 #reInforce_osaka / reInforce New Security Hub

masahirokawahara

0

410

CI/CD/IaC 久々に0から環境を作ったらこうなりました

1

220

なぜ私はいま、ここにいるのか？ #もがく中堅デザイナー #プロダクトデザイナー

0

1.3k

Geminiとv0による高速プロトタイピング

0

230

敢えて生成AIを使わないマネジメント業務

1

250

SmartNewsにおける 1000+ノード規模 K8s基盤でのコスト最適化 – Spot・Gravitonの大規模導入への挑戦

0

120

Backlog ユーザー棚卸しRTA、多分これが一番早いと思います

__allllllllez__

1

130

Featured

See All Featured

The Power of CSS Pseudo Elements

77

5.8k

Easily Structure & Communicate Ideas using Wireframe

194

16k

Keith and Marios Guide to Fast Websites

411

22k

Fight the Zombie Pattern Library - RWD Summit 2016

233

17k

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

30

2.1k

Producing Creativity

346

40k

For a Future-Friendly Web

179

9.8k

GitHub's CSS Performance

1031

460k

The MySQL Ecosystem @ GitHub 2015

251

13k

Principles of Awesome APIs and How to Build Them.

126

17k

Chrome DevTools: State of the Union 2024 - Debugging React & Beyond

7

730

How to train your dragon (web standard)

94

6.1k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion