Hi when sending info to elasticsearch I can't see the headers for the http protocol, Im using packet beats beta 2. I started with -d "httpdetailed" and I see the headers, but can't see them in elasticsearch
I've configured de packetbeat.yml like this:
protocols:
http:
# Configure the ports where to listen for HTTP traffic. You can disable
# the http protocol by commenting the list of ports.
ports: [80, 8080, 8000, 5000, 8002, 5601]
# Uncomment the following to hide certain parameters in URL or forms attached
# to HTTP requests. The names of the parameters are case insensitive.
# The value of the parameters will be replaced with the 'xxxxx' string.
# This is generally useful for avoiding storing user passwords or other
# sensitive information.
# Only query parameters and top level form parameters are replaced.
# hide_keywords: ['pass', 'password', 'passwd']
send_response: true
send_all_headers: true
send_headers: ["User-Agent", "Cookie", "Set-Cookie"]
split_coookie: true
real_ip_header: "X-Forwarded-For"
send_all_headers