Http header data extract

Hi everyone, I am new to ELK and have started with Logstash already. One of my Task it to use http as an Input and extract the Header data out of it and send it to Elasticsearch and then to Kibana in later stage. Here is my Output:

{
          "host" => "0:0:0:0:0:0:0:1",
      "@version" => "1",
       "message" => "hi its me",
    "@timestamp" => 2019-06-11T14:14:14.923Z,
       "headers" => {
            "http_accept" => "*/*",
          "cache_control" => "no-cache",
           "http_version" => "HTTP/1.1",
           "request_path" => "/",
         "content_length" => "9",
          "postman_token" => "9c29159c-ec34-448c-a038-673cce84e783",
              "http_host" => "localhost:8080",
         "request_method" => "GET",
        "http_user_agent" => "PostmanRuntime/7.13.0",
             "connection" => "keep-alive",
                   "user" => "muntazir",
           "content_type" => "text/plain",
        "accept_encoding" => "gzip, deflate"
    }
}

Can you please guide, how can i extract Information from the Header section like "http_host", "request_method", "user", "host" etc? What should I use, any filter or there any other ways?
Best regards,

Is that the output from

output { stdout { codec => rubydebug } }

If so, you can index it as-is and refer to fields like headers.http_host in kibana. If not, what produced that text?

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.