Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

260

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

200

Evolving Search at an ecommerce marketplace

0

240

The new generation of data stores

0

290

Search Evolution - Keeping up with the hype?

0

420

Mirror mirror... what am I typing next?

0

510

The New Generation of Data Stores

0

270

Elasticsearch: Distributed Search Under the Hood

0

180

Working distributed - but how?

0

240

Implementing a custom aws lambda runtime using Crystal

0

860

Other Decks in Technology

See All in Technology

ファイルシステムの不整合

PRO

2

110

「技術的にできません」を越えて価値を生み出せ──研究開発チームをPMが率いて生み出した価値創出

1

230

新規事業開発でのAWS活用

1

190

Azure Copilot Migration Agent / #jazug

1

240

あすけん_Developers_Summit_2026_-_Vibe_Coding起点での新機能開発で__あすけん_が乗り越えた壁.pdf

0

350

今こそ学びたいKubernetesネットワーク～CNIが繋ぐNWとプラットフォームの「フラッと」な対話

9

790

20260222ねこIoTLT　ねこIoTLTをふりかえる

0

160

Oracle Cloud Infrastructureデータベース・クラウド：各バージョンのサポート期間

oracle4engineer

PRO

57

47k

チーム開発の基礎_研究を事業につなげるために

cyberagentdevelopers

PRO

8

4k

StrandsAgentsで構築したAIエージェントにMCP Apps機能を追加してみた

0

130

生成AIの研究活用_AILab2025研修

cyberagentdevelopers

PRO

11

5.7k

AWS Transformを使ってCOBOLプログラムのモダナイズに挑戦

1

100

Featured

See All Featured

Crafting Experiences

1

63

AI Search: Where Are We & What Can We Do About It?

0

7k

The Illustrated Guide to Node.js - THAT Conference 2024

1

270

The Spectacular Lies of Maps

PRO

1

560

The Power of CSS Pseudo Elements

80

6.2k

ピンチをチャンスに：未来をつくるプロダクトロードマップ #pmconf2020

128

55k

The Myth of the Modular Monolith - Day 2 Keynote - Rails World 2024

26

3.4k

Creating an realtime collaboration tool: Agile Flush - .NET Oxford

35

2.4k

YesSQL, Process and Tooling at Scale

174

15k

Information Architects: The Missing Link in Design Systems

0

800

Collaborative Software Design: How to facilitate domain modelling decisions

0

150

How to Align SEO within the Product Triangle To Get  Buy-In & Support - #RIMC

1

1.4k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion