diff --git a/ansible/install/roles/logstash/templates/02-beats-input.conf.j2 b/ansible/install/roles/logstash/templates/02-beats-input.conf.j2
index 72a6298..b65dbe7 100644
--- a/ansible/install/roles/logstash/templates/02-beats-input.conf.j2
+++ b/ansible/install/roles/logstash/templates/02-beats-input.conf.j2
@@ -8,6 +8,12 @@ input {
   }
 }
 
+filter {
+    grok {
+        match => { "message" => "%{COMBINEDAPACHELOG}"}
+    }
+}
+
 output {
   elasticsearch {
     hosts => "localhost:{{es_local_port}}"
diff --git a/elastic/logstash/beats.conf b/elastic/logstash/beats.conf
index 93b90fd..ede0aba 100644
--- a/elastic/logstash/beats.conf
+++ b/elastic/logstash/beats.conf
@@ -4,11 +4,11 @@ input {
   }
 }
 
-# The filter part of this file is commented out to indicate that it is
-# optional.
-# filter {
-#
-# }
+filter {
+    grok {
+        match => { "message" => "%{COMBINEDAPACHELOG}"}
+    }
+}
 
 output {
   elasticsearch {