Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

260

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

230

The new generation of data stores

0

290

Search Evolution - Keeping up with the hype?

0

410

Mirror mirror... what am I typing next?

0

510

The New Generation of Data Stores

0

270

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

230

Implementing a custom aws lambda runtime using Crystal

0

860

Other Decks in Technology

See All in Technology

M&A 後の統合をどう進めるか ─ ナレッジワーク × Poetics が実践した組織とシステムの融合

PRO

1

280

All About Sansan – for New Global Engineers

PRO

1

1.3k

外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night

PRO

1

170

Tebiki Engineering Team Deck

0

23k

ブロックテーマでサイトをリニューアルした話 / 2026-01-31 Kansai WordPress Meetup

0

350

AI推進者の視点で見る、Bill OneのAI活用の今

PRO

2

310

SREじゃなかった僕らがenablingを通じて「SRE実践者」になるまでのリアル / SRE Kaigi 2026

6

1.6k

ゼロから始めたFindy初のモバイルアプリ開発

2

630

みんなだいすきALB、NLBの仕組みから最新機能まで総おさらい / Mastering ALB & NLB: Internal Mechanics and Latest Innovations

0

200

Introduction to Sansan, inc / Sansan Global Development Center, Inc.

PRO

0

2.9k

Kubecon NA 2025: DRA 関連の Recap と社内 GPU 基盤での課題

0

110

セキュリティについて学ぶ会 / 2026 01 25 Takamatsu WordPress Meetup

1

260

Featured

See All Featured

455

43k

Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum

0

310

GraphQLの誤解/rethinking-graphql

74

11k

Digital Projects Gone Horribly Wrong (And the UX Pros Who Still Save the Day) - Dean Schuster

0

250

Agile that works and the tools we love

331

21k

WENDY [Excerpt]

9

36k

Designing for Performance

610

70k

Getting science done with accelerated Python computing platforms

1

110

Heart Work Chapter 1 - Part 1

PRO

5

35k

A brief & incomplete history of  UX Design for the World Wide Web: 1989–2019

1

290

Efficient Content Optimization with Google Search Console & Apps Script

PRO

0

310

The B2B funnel & how to create a winning content strategy

PRO

0

270

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion