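# Pipeline: accept events from Beats shippers, split each log line into
# timestamp / level / text, then index the result into Elasticsearch and echo
# it to stdout.

input {
  beats {
    # No TLS or client-authentication settings are configured on this listener,
    # so any host that can reach port 5044 can submit events.
    # NOTE(review): limit reachability at the network layer or enable the
    # input's TLS options before exposing this beyond a trusted segment.
    port => 5044
  }
}

filter {
  grok {
    # Expected line shape: "[<ISO8601 timestamp>] <LEVEL> <free text>".
    # The pattern is not anchored, so it matches the first such sequence found
    # anywhere in "message".
    match => {
      "message" => "\[%{TIMESTAMP_ISO8601:observed_at}\] %{LOGLEVEL:level} %{GREEDYDATA:event_message}"
    }
    # Setting tag_on_failure replaces the default _grokparsefailure tag, so
    # unparsed lines are found by this tag instead.
    tag_on_failure => ["portfolio_parse_failure"]
  }
  # There is no date filter in this pipeline: observed_at stays a string field
  # and @timestamp (which also selects the daily index below) is not derived
  # from it.
}

output {
  elasticsearch {
    # NOTE(review): plain http:// means the credentials below and all log
    # content cross the network unencrypted; switch to https once the cluster
    # has TLS enabled.
    hosts => ["http://elasticsearch:9200"]
    # "elastic" is the built-in superuser. A shipping pipeline only needs to
    # write to portfolio-logs-*; prefer a dedicated account with that role.
    user => "elastic"
    # Resolved from the Logstash keystore or the environment. ELASTICSEARCH_PASSWORD
    # is a variable name chosen in this file. The fallback after the colon is
    # the value that was previously hard-coded, kept only so existing setups
    # still start; set the variable and drop the fallback for any shared or
    # long-lived deployment.
    password => "${ELASTICSEARCH_PASSWORD:elastic}"
    index => "portfolio-logs-%{+YYYY.MM.dd}"
  }

  # Debug aid: prints every event in full to Logstash's stdout, so application
  # log content also lands in the container/service log. Remove once the
  # pipeline is verified.
  stdout {
    codec => rubydebug
  }
}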