input {
	beats {
		port => 5044
	}

	tcp {
		port => 5000
	}
	udp {
    	port => 10514
		codec => "json_lines"
		type => "rsyslog"
	}
}

# filter {
#     json {
#         source => "message"
#         skip_on_invalid_json => true
#     }
# }

output {
	elasticsearch {
		index => "rsyslog-%{+YYYY.MM.dd}"
		hosts=> "${ELASTIC_HOSTS}"
		user=> "${ELASTIC_USER}"
		password=> "${ELASTIC_PASSWORD}"
		cacert=> "certs/ca/ca.crt"
	}
    # file {

    #     path => "/var/logstash/logs/%{facility}-%{+YYYY-MM-dd}.log"
    #     codec => line { format => "custom format: %{message}"}
    # }
}