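# Pipeline: read access-log lines from stdin, parse them with grok, set
# @timestamp from the logged time, and index the events into Elasticsearch.
#
# The config is laid out one setting per line on purpose: a '#' comment runs
# to the end of the line, so on a single line the first comment would swallow
# every setting and closing brace that follows it.

input {
  stdin { }
}

filter {
  grok {
    # Expected line shape (constructed sample):
    #   192.0.2.10 - - [10/Oct/2024:13:55:36 +0000] "GET /index.html" 200 1024
    # NOTE(review): URIPATH does not match a query string, and the pattern
    # expects the closing quote right after the path, so lines carrying
    # "?a=b" or a trailing " HTTP/1.1" will not match -- confirm against the
    # real log format. Unmatched events keep only the raw "message" field and
    # get grok's default failure tag (_grokparsefailure); monitor that tag,
    # since unparsed requests are otherwise invisible to field-based detections.
    match => {
      "message" => '%{IP:client_ip} - - \[%{HTTPDATE:timestamp}\] "%{WORD:http_method} %{URIPATH:request_path}" %{NUMBER:http_status_code} %{NUMBER:response_size}'
    }

    # Optional: tag the event for easier identification.
    # add_tag is applied only when the match above succeeds.
    add_tag => ["parsed_log"]
  }

  # Optionally, convert the logged timestamp to the Logstash @timestamp so
  # events are indexed by when the request happened, not when it was ingested.
  date {
    match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
    target => "@timestamp"
  }
}

output {
  elasticsearch {
    # NOTE(review): this sends events over plaintext HTTP with no credentials.
    # Client IPs and request paths cross the network unencrypted, and the
    # cluster must be accepting unauthenticated writes for this to work.
    # Outside an isolated lab, use an https:// endpoint with CA verification
    # and set the plugin's user/password options, supplying the secret from
    # the Logstash keystore or an environment variable rather than inline.
    hosts => ["http://es01:9200"]

    # One index per day, named from the event's @timestamp.
    index => "logstash-%{+YYYY.MM.dd}"
  }
}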