input {
    file {
        path => "/data/*.log"
        start_position => "beginning"
    }
}

filter {

    grok {
        match => { "message" => "\[%{TIMESTAMP_ISO8601:timestamp} UTC\] \[%{LOGLEVEL:log-level}\] Used %{NUMBER:lua-speed-items} speeds from LUA profile or input map" }
        add_field => { "subType" => "traffic-speed-update" }
    }

	if "_grokparsefailure" in [tags] {
    grok {
        match => { "message" => "\[%{TIMESTAMP_ISO8601:timestamp} UTC\]\s\[%{LOGLEVEL:log-level}\]\s%{DATE_EU:request-date}\s%{TIME:request-time}\s%{DATA:response_duration}\s%{IP:request-ip}\s\W\s(?<user-agent>.+?(?=\s\d{3}\s))\s(?<response-code>\d{3})\s%{URIPATH:uri}" }
        add_tag => ["request"]
    }
  }
}

## Add your filters / logstash plugins configuration here

output {
	elasticsearch {
		hosts => "elasticsearch:9200"
		user => "elastic"
		password => "changeme"
		index => "osrm"
	}
}