input {
  file {
    path => "/data/apache_logs*"
    mode => "read"
  }
}

filter {
  grok {
      match => { "message" => "%{COMBINEDAPACHELOG}" }
      remove_field => [ "message" ]
  }
  date {
    match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
    index => "apache-%{+YYYY.MM.dd}"
  }
}