input {
  tcp { 
    type => "apache"
    port => 3333
  } 
}

filter {
  grok {
    type => "apache"
    # See the following URL for a complete list of named patterns
    # logstash/grok ships with by default:
    # https://github.com/logstash/logstash/tree/master/patterns
    #
    # The grok filter will use the below pattern and on successful match use
    # any captured values as new fields in the event.
    pattern => "%{COMBINEDAPACHELOG}"
  }

  date {
    type => "apache"
    # Try to pull the timestamp from the 'timestamp' field (parsed above with
    # grok). The apache time format looks like: "18/Aug/2011:05:44:34 -0700"
    match => [ "timestamp", "dd/MMM/yyyy:HH:mm:ss Z" ]
  }
}

output {
  # Use stdout in debug mode again to see what logstash makes of the event.
  stdout {
    debug => true
  }
}