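# Pipeline: copy documents from a source Elasticsearch cluster into a
# destination cluster, keeping each document's original index, type and id.
#
# Line breaks are restored here. With the whole pipeline on one physical line,
# the first `#` turns everything after it into a comment.
#
# Credentials are no longer stored in this file. They are resolved at startup
# through Logstash's ${NAME} substitution, from the Logstash keystore or the
# environment. ES_SOURCE_PASSWORD and ES_DEST_PASSWORD are names chosen for
# this rewrite; define them before starting the pipeline. The passwords that
# were previously written in this file have been exposed and should be rotated.

input {
  # Read all documents from Elasticsearch matching the given query
  # Stefan: I got tired of searching for how to add that so I created a local
  # apache2 instance with mod_proxy sending all request to elastic and adding
  # the parameter. You'll find the configuration in
  # /etc/apache2/sites-enabled/000-default.conf
  elasticsearch {
    # hosts => "http://localhost:80/elastic/"
    hosts => "http://77.68.122.54:9200"
    index => "*"
    size => 10000
    scroll => "2m"
    # docinfo exposes _index/_type/_id under [@metadata]; the output below
    # uses them so that documents keep their identity on the destination.
    docinfo => true
    # NOTE(review): both bounds are absolute ("...Z" and "now"), so the
    # "time_zone" parameter most likely has no effect on this range; confirm
    # the intended window.
    query => '{"query": { "range": { "date_timestamp": { "time_zone": "+02:00","gte": "2021-02-05T10:41:00.000Z","lte": "now" }}}}'
    user => "elastic"
    password => "${ES_SOURCE_PASSWORD}"
    # NOTE(review): with ssl disabled, the basic-auth credentials and all
    # document bodies travel to this host in cleartext. Enable TLS on the
    # source cluster and set this to true, or tunnel the connection; whether
    # the source offers TLS is not visible from this file. Using a dedicated
    # read-only account instead of the "elastic" superuser would limit the
    # impact of a leaked credential.
    ssl => false
  }
}

output {
  elasticsearch {
    hosts => ["https://10.12.174.30:9200"]
    index => "%{[@metadata][_index]}"
    document_type => "%{[@metadata][_type]}"
    document_id => "%{[@metadata][_id]}"
    user => "elastic"
    password => "${ES_DEST_PASSWORD}"
    # NOTE(review): TLS is used, but the server certificate is not verified,
    # so the connection does not authenticate the destination and can be
    # intercepted. Prefer supplying the cluster CA (the plugin's `cacert`
    # option) and removing this override. A role limited to index/write on
    # the target indices would be safer than the "elastic" superuser.
    ssl_certificate_verification => false
    timeout => 3
    resurrect_delay => 3
  }
}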