input {
  file {
    path => "/data/fulfilment-processor.log"
  }
}

filter {
  grok {
      match => { "message" => "%{DATE:date} %{TIME:time} %{ISO8601_TIMEZONE:tz} \[%{WORD:lvl}\] %{GREEDYDATA:entry}" }
      add_field => {
        "log_timestamp" => "%{date} %{time} %{tz}"
        "source" => "fulfilment_processor"
      }
      remove_field => [ "message", "date", "time", "tz" ]
  }

  date {
    match => [ "log_timestamp" , "yy-MM-dd HH:mm:ss.SSS ZZ" ]
    remove_field => [ "log_timestamp" ]
  }

  translate {    
    field => "[lvl]"
    destination => "[level]"
    dictionary => {
      "VRB" => "TRACE"
      "DBG" => "DEBUG"
      "INF" => "INFO"
      "WRN" => "WARN"
      "ERR" => "ERROR"
      "FTL" => "FATAL"
    }
    remove_field => [ "lvl" ]
  }
}

output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
    index => "fulfilment-log"
  }
}