So what does output { stdout { codec => rubydebug } } produce, and what don't you like about it?
My guess is you will end up wanting something like
ruby {
code => '
event.get("[Request][Headers]").each { |a|
name = a["Name"]
value = a["Value"]
event.set( "[Request][HeadersFlattened]#{name}", value)
}
'
}
Which will get you this if your event is a single JSON object from that array.
"HeadersFlattened" => {
"accept" => "application/json",
"content-type" => "multipart/form-data; boundary=----WebKitFormBoundaryBnMGtRJgyfhSDZt3",
"cookie" => "GREEDY",
"origin" => "https://www.example.net",
"user-agent" => "Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36",
"cache-control" => "no-cache",
"x-requested-with" => "XMLHttpRequest",
"Host" => "www.example.net",
"referer" => "https://www.example.net/bla.aspx",
"Content-Length" => "226245",
"accept-encoding" => "gzip, deflate, br",
"accept-language" => "es-ES,es;q=0.8",
"x-ajax" => "example"
},