Elasticsearch Ingest Processors

Alexander Reelsen

October 30, 2018

250

Elasticsearch Ingest Processors

A BoF session held at the elastic on tour event in Frankfurt in October 2018.

Alexander Reelsen

October 30, 2018

Tweet

More Decks by Alexander Reelsen

See All by Alexander Reelsen

Elasticsearch: From Keyword Search To Data Science

0

190

Evolving Search at an ecommerce marketplace

0

230

The new generation of data stores

0

280

Search Evolution - Keeping up with the hype?

0

400

Mirror mirror... what am I typing next?

0

500

The New Generation of Data Stores

0

260

Elasticsearch: Distributed Search Under the Hood

0

170

Working distributed - but how?

0

230

Implementing a custom aws lambda runtime using Crystal

0

850

Other Decks in Technology

See All in Technology

スクラムマスターが スクラムチームに入って取り組む5つのこと - スクラムガイドには書いてないけど入った当初から取り組んでおきたい大切なこと -

0

1.1k

善意の活動は、なぜ続かなくなるのかーふりかえりが"構造を変える判断"になった半年間ー

0

210

Eight Engineering Unit 紹介資料

PRO

0

6.1k

Data Hubグループ紹介資料

PRO

0

2.5k

Qiita Bash アドカレ LT #1

0

150

Sansan Engineering Unit 紹介資料

PRO

1

3.6k

スクラムを一度諦めたチームにアジャイルコーチが入ってどう変化したか

0

140

研究開発部メンバーの働き⽅ / Sansan R&D Profile

PRO

4

21k

ECS_EKS以外の選択肢_ROSA入門_.pdf

1

120

プロンプトエンジニアリングを超えて：自由と統制のあいだでつくる Platform × Context Engineering

0

140

Oracle Database@Google Cloud：サービス概要のご紹介

oracle4engineer

PRO

1

820

1

330

Featured

See All Featured

Put a Button on it: Removing Barriers to Going Fast.

60

4.1k

Claude Code どこまでも/ Claude Code Everywhere

61

51k

Design and Strategy: How to Deal with People Who Don’t "Get" Design

132

19k

B2B Lead Gen: Tactics, Traps & Triumph

0

37

CSS Pre-Processors: Stylus, Less & Sass

359

30k

How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.

0

38

Building Adaptive Systems

44

2.9k

Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything

31

2.6k

Leadership Guide Workshop - DevTernity 2021

1

180

The Art of Programming - Codeland 2020

56

14k

Fight the Zombie Pattern Library - RWD Summit 2016

234

17k

Save Time (by Creating Custom Rails Generators)

PRO

32

1.9k

Transcript

Alexander Reelsen [email protected] @spinscale Elasticsearch Ingest Processors Luca Wintergerst [email protected]
@LucaWintergerst
‣ Update ‣ Writing your own processors ‣ Use-Cases ‣
Discussion Agenda
Update
‣ bytes (convert to human readable bytes) ‣ dissect (grok
without regexes, much faster) ‣ pipeline processor, referring to other pipelines New processors
‣ - drop processor to fully drop an event ‣
"drop" : { "if": "ctx.foo == 'bar'" } ‣ - scripting can invoke other processors ‣ "ctx.target_field = Processors.bytes(ctx.source_field)" ‣ if in every processor using scripting New processors
‣ performance bump in geoip processor ‣ per processor metrics
‣ index default pipeline: ‣ settings.index.default_pipeline: "my_pipeline" Others
‣ Aligning dissect filters in logstash/beats/ES ‣ https://github.com/elastic/dissect-specification ‣ UI
Future
Writing your own
‣ https://github.com/spinscale/cookiecutter-elasticsearch-ingest-processor ‣ https://github.com/spinscale/elasticsearch-ingest-langdetect ‣ https://github.com/spinscale/elasticsearch-ingest-opennlp Write your own ingest
plugin
Use-Cases
… ask all the things! Discussion