Hi when sending info to elasticsearch I can't see the headers for the http protocol, Im using packet beats beta 2. I started with -d "httpdetailed" and I see the headers, but can't see them in elasticsearch
I've configured de packetbeat.yml like this:
protocols: http: # Configure the ports where to listen for HTTP traffic. You can disable # the http protocol by commenting the list of ports. ports: [80, 8080, 8000, 5000, 8002, 5601] # Uncomment the following to hide certain parameters in URL or forms attached # to HTTP requests. The names of the parameters are case insensitive. # The value of the parameters will be replaced with the 'xxxxx' string. # This is generally useful for avoiding storing user passwords or other # sensitive information. # Only query parameters and top level form parameters are replaced. # hide_keywords: ['pass', 'password', 'passwd'] send_response: true send_all_headers: true send_headers: ["User-Agent", "Cookie", "Set-Cookie"] split_coookie: true real_ip_header: "X-Forwarded-For"