What are ingest pipelines in Elasticsearch?
Answer
Ingest pipelines allow you to pre-process documents before they are indexed, without needing Logstash for simple transformations. A pipeline is a sequence of processors that transform the document. Common built-in processors include: set (add/overwrite a field), remove (delete a field), rename (rename a field), grok (parse unstructured text with regex patterns), date (parse a date string into a date field), convert (change field type), and script (run a Painless script). Specify the pipeline during indexing with the ?pipeline=my-pipeline query parameter. Pipelines are ideal for log enrichment, IP geolocation, and data normalization.
Previous
What are update_by_query and delete_by_query in Elasticsearch?
Next
What are geo queries in Elasticsearch?
More Elasticsearch Questions
View all →- Intermediate What is the difference between query context and filter context in Elasticsearch?
- Intermediate What is a bool query in Elasticsearch?
- Intermediate What are aggregations in Elasticsearch?
- Intermediate What is the difference between text and keyword field types?
- Intermediate What are index templates and component templates in Elasticsearch?