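# Logstash pipeline: tail an access log, parse each line as combined log
# format, and index the resulting events into Elasticsearch.
#
# NOTE(review): this config arrived collapsed onto a single line, where the
# first "#" comments out everything after it, closing braces included. The line
# breaks below are reconstructed on the assumption that only the
# start_position and stdout settings were commented out. Confirm against the
# original file.

input {
  file {
    path => "/access.log"
    # start_position => "beginning"
    mode => "tail"
    # The file_completed_* settings belong to "read" mode; in "tail" mode they
    # are not expected to have any effect.
    file_completed_action => "log"
    file_completed_log_path => "/dev/null"
  }
}

filter {
  # Regex match: true for any source path containing "access".
  # NOTE(review): with ECS compatibility enabled, the file input may record the
  # path under [log][file][path] rather than [path]. If so, this branch never
  # runs and lines are indexed unparsed. Confirm for the Logstash version used.
  if [path] =~ "access" {
    mutate {
      replace => { "type" => "apache_access" }
    }
    # Lines that do not match are tagged _grokparsefailure and still reach the
    # output below. Alert on that tag, or route those events separately, so
    # malformed or truncated entries are not lost among parsed ones.
    # The request, referrer and user-agent fields are client-supplied, so
    # anything that renders them downstream must treat them as untrusted text.
    grok {
      match => { "message" => "%{COMBINEDAPACHELOG}" }
    }
  }
  # Sits outside the conditional, so it is evaluated for every event. It sets
  # the event time from the "timestamp" field that grok extracts.
  date {
    match => [ "timestamp" , "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  elasticsearch {
    # No scheme, credentials or TLS settings are given here, so as written the
    # events (client IPs, URLs, user agents) go to the cluster unauthenticated
    # and unencrypted. If the cluster has security enabled, set user/password
    # and TLS for this output, and keep the secret in the Logstash keystore
    # rather than in this file.
    hosts => ["elasticsearch:9200"]
    # Fixed index name with no date suffix, so retention and rollover have to
    # be handled outside this pipeline.
    index => "nginx"
    # NOTE(review): document_type is deprecated in the elasticsearch output,
    # and mapping types were removed from Elasticsearch itself in 7.x and
    # later. Confirm against the target cluster version before relying on it.
    document_type => "access_log"
  }
  # stdout { codec => rubydebug }
}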