- Packetbeat Reference: other versions:
- Overview
- Getting Started With Packetbeat
- Upgrading Packetbeat
- Configuring Packetbeat
- Configuration Options (Reference)
- Network Device Configuration
- Flows Configuration
- Transaction Protocols Configuration
- Monitored Processes Configuration
- General Configuration
- Elasticsearch Output Configuration
- Logstash Output Configuration
- Kafka Output Configuration
- Redis Output Configuration
- File Output Configuration
- Console Output Configuration
- SSL Configuration
- Paths Configuration
- Logging Configuration
- Run Options Configuration
- Processors
- Filtering and Enhancing the Exported Data
- Configuring Packetbeat to Use Ingest Node
- Exporting GeoIP Information
- Configuring Packetbeat to Use Logstash
- Using Environment Variables in the Configuration
- Setting Traffic Capturing Options
- Configuring Thrift-RPC Support
- Maintaining the Real-Time State of the Network Topology
- YAML Tips and Gotchas
- Configuration Options (Reference)
- Exported Fields
- AMQP Fields
- Beat Fields
- Cassandra Fields
- Cloud Provider Metadata Fields
- Common Fields
- DNS Fields
- Flow Event Fields
- HTTP Fields
- ICMP Fields
- Memcache Fields
- MongoDb Fields
- MySQL Fields
- NFS Fields
- PostgreSQL Fields
- Raw Fields
- Redis Fields
- Thrift-RPC Fields
- Transaction Event Fields
- Measurements (Transactions) Fields
- Securing Packetbeat
- Visualizing Packetbeat Data in Kibana
- Troubleshooting
- Developer Guide: Adding a New Protocol
WARNING: Version 5.2 of Packetbeat has passed its EOL date.
This documentation is no longer being maintained and may be removed. If you are running this version, we strongly advise you to upgrade. For the latest information, see the current release documentation.
HTTP Fields
editHTTP Fields
editHTTP-specific event fields.
http Fields
editInformation about the HTTP request and response.
request Fields
editHTTP request
http.request.params
editThe query parameters or form values. The query parameters are available in the Request-URI and the form values are set in the HTTP body when the content-type is set to x-www-form-urlencoded.
http.request.headers
edittype: dict
A map containing the captured header fields from the request. Which headers to capture is configurable. If headers with the same header name are present in the message, they will be separated by commas.
http.request.body
edittype: text
The body of the HTTP request.
response Fields
editHTTP response
http.response.code
editexample: 404
The HTTP status code.
http.response.phrase
editexample: Not found.
The HTTP status phrase.
http.response.headers
edittype: dict
A map containing the captured header fields from the response. Which headers to capture is configurable. If headers with the same header name are present in the message, they will be separated by commas.
http.response.body
editThe body of the HTTP response.
On this page