New to Elasticsearch. How can we get the "host" field, as seen below in the sample from Wireshark, so we can view the data in Kibana?
Hypertext Transfer Protocol
GET /some/url
Host: www.someservername.com\r\n
<Host: www.someservername.com\r\n>
Connection: Keep-Alive\r\n
<Connection: Keep-Alive\r\n>
Accept-Encoding: gzip\r\n
<Accept-Encoding: gzip\r\n>
[HTTP request 1/1]
[Response in frame: 162]
I guess you're meaning the Host header field? Have you tried to enable send_all_headers in the HTTP plugin?
That was it! Thanks!
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.
© 2020. All Rights Reserved - Elasticsearch
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant logo are trademarks of the Apache Software Foundation in the United States and/or other countries.