  • centos7 iptables/firewalld docker open port

    Here are multiple "hackish" ways to do it:

        scan kernel logs, as mentioned by Jiri (but you have to do it right after starting the container, otherwise it gets messy);
        check the interface counters (sent/received packets/bytes) in the container, then compare with the interfaces in the host, and find the pair that matches exactly (but with sent and receive directions flipped);
        use an iptables LOG rule.

    The last option is, IMHO, the most reliable one (and the easiest to use), but it's still very hackish. The idea is very simple:

        Add an iptables rule to log e.g. ICMP traffic arriving on the Docker bridge:

        sudo iptables -I INPUT -i docker0 -p icmp -j LOG

        Send a ping to the container you want to identify:

        IPADDR=$(docker inspect -f='{{.NetworkSettings.IPAddress}}' d6ed83a8e282)

        ping -c 1 $IPADDR

        Check kernel logs:

        dmesg | grep $IPADDR

        You will see a line looking like this:

        […] IN=docker0 OUT= PHYSIN=vethv94jPK MAC=fe:2c:7f:2c:ab:3f:42:83:95:74:0b:8f:08:00 SRC=172.17.0.79 …

        If you want to be fancy, just extract PHYSIN=… with awk or sed.

        Remove the iptables logging rule (unless you want to leave it there because you will regularly ping containers to identify them).
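As an added example (not part of the quoted answer), the whole procedure above wrapped in a POSIX shell script: the host-side interface is read back by parsing the `PHYSIN=` field of the LOG line that carries the container's IP in `SRC=`. The function names `physin_for_ip` and `veth_of_container` are hypothetical, and the two log lines in `SAMPLE_LOG` are constructed so the parser can be exercised offline.

```shell
#!/bin/sh
# Added example: map a container's IP to its host-side veth via an iptables
# LOG line. Assumes the docker0 bridge and the LOG rule shown in the text.

# Print the PHYSIN= value of the first LOG line whose SRC= equals $2.
# $1 = kernel log text (e.g. the output of dmesg), $2 = container IP.
# The trailing space after the IP keeps 172.17.0.7 from matching 172.17.0.79.
physin_for_ip() {
    printf '%s\n' "$1" \
      | grep -F "SRC=$2 " \
      | sed -n 's/.*PHYSIN=\([^ ]*\).*/\1/p' \
      | head -n 1
}

# Full procedure from the text for container $1 (id or name). Needs root:
# install the LOG rule, ping once, read the ring buffer, then always
# remove the rule again so the kernel log does not fill up.
veth_of_container() {
    ipaddr=$(docker inspect -f '{{.NetworkSettings.IPAddress}}' "$1") || return 1
    iptables -I INPUT -i docker0 -p icmp -j LOG || return 1
    ping -c 1 "$ipaddr" >/dev/null 2>&1
    physin=$(physin_for_ip "$(dmesg)" "$ipaddr")
    iptables -D INPUT -i docker0 -p icmp -j LOG
    [ -n "$physin" ] || return 1
    printf '%s\n' "$physin"
}

# Constructed sample: two echo replies logged on docker0 (field order as
# the kernel prints it: IN= OUT= PHYSIN= MAC= SRC= DST= ...).
SAMPLE_LOG='[ 1234.5] IN=docker0 OUT= PHYSIN=vethv94jPK MAC=fe:2c:7f:2c:ab:3f:42:83:95:74:0b:8f:08:00 SRC=172.17.0.79 DST=172.17.42.1 LEN=84
[ 1234.6] IN=docker0 OUT= PHYSIN=veth1a2b3c MAC=fe:2c:7f:2c:ab:3f:42:83:95:74:0b:90:08:00 SRC=172.17.0.7 DST=172.17.42.1 LEN=84'

# Offline demonstration on the constructed log (prints veth1a2b3c):
physin_for_ip "$SAMPLE_LOG" 172.17.0.7
```

Run `veth_of_container <container-id>` as root on the host to perform the live lookup; `physin_for_ip` alone only parses text and needs no privileges.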


       iptables -I INPUT -i docker0 -p tcp --dport 9200  -j ACCEPT

  • Original post: https://www.cnblogs.com/SZLLQ2000/p/7095002.html