# Input section
input {
  http {
    id => "tpot"
    host => "0.0.0.0"
    port => "64305"
    ecs_compatibility => disabled
  }
}

# Output section
output {
  elasticsearch {
    hosts => ["elasticsearch:9200"]
    # With templates now being legacy we need to set the daily index with its template manually. Otherwise a new index might be created with differents settings configured through Kibana.
    index => "logstash-%{+YYYY.MM.dd}"
    template => "/etc/logstash/tpot-template.json"
    template_overwrite => "true"
  }
  # Syslog Output Example
  # syslog {
  #   host => "192.168.1.1"
  #   port => 514
  #   protocol => tcp
  #   appname => "logstash-logs"
  #   severity => "6"
  # }
}