Need Clarification on incoming request's to ES

Through packet beats I am monitoring 9200 port and giving to ES. I am seeing so many unexpected incoming events to ES. In my elastic search setup I am using kibana, Sense & elastic head. I want to know which application is sending this queries and why???

Some of Most repeated requests are here:

"ip": "172.16.22.14", "method": "HEAD", "params": "", "path": "/", "port": 9200, "proc": "", "query": "HEAD /", "responsetime": 0, "server": "", "status": "OK", "type": "http"

"ip": "172.16.22.14", "method": "POST", "params": "", "path": "/_bulk", "port": 9200, "proc": "", "query": "POST /_bulk", "responsetime": 19, "server": "", "status": "OK", "type": "http"

Packetbeat is send data to Elasticsearch as bulk requests over HTTP, so I suspect that is what all the _bulk requests is from. As Packetbeat is monitoring its own traffic, you have created a feedback loop that will continuously generate results. When I built a similar test to look at Kibana traffic, I introduces a small client node on the same host that only listened to localhost, to which Packetbeat alone would send data.