Considering the newest user story on the main page is about ingesting Bro logs into the Elastic stack, this may be timely news.
The logstash-input-bro plugin watches Bro logs and ingests the log data. It is better than using the grep/grok/file plugins because it uses the headers in the Bro log files to parse fields and field types automatically.
This is a bonus when changing or testing Bro configurations, because no grok changes are required to parse additional or changed fields in newer Bro logs.
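
To show what header-driven parsing means in practice, here is an added example (not the plugin's own code) that reads the `#separator`, `#fields` and `#types` directives of a Bro ASCII log and turns each row into a typed event. The sample log is constructed, the function names are hypothetical, and the type mapping is a simplified assumption covering only common Bro types.

```ruby
# Constructed sample of a Bro ASCII log; values are illustrative only.
SAMPLE = [
  '#separator \x09',
  "#set_separator\t,",
  "#empty_field\t(empty)",
  "#unset_field\t-",
  "#fields\tts\tuid\tid.orig_h\tid.orig_p\tduration\torig_bytes\tlocal_orig\ttunnel_parents",
  "#types\ttime\tstring\taddr\tport\tinterval\tcount\tbool\tset[string]",
  "1483228800.123456\tCXWv6p3arKYeMETxOg\t192.168.1.10\t49152\t-\t1024\tT\t(empty)",
  "1483228801.000000\tCa1b2c3d4e5f6g7h8i\t192.168.1.11\t49153\t0.25\t0\tF\tCx1,Cx2"
].join("\n")

# Convert one raw column using the type named in the #types header.
def convert(raw, type, meta)
  return nil if raw == meta['unset_field']
  if (m = type.match(/\A(?:set|vector)\[(.+)\]\z/))
    return [] if raw == meta['empty_field']
    return raw.split(meta['set_separator']).map { |v| convert(v, m[1], meta) }
  end
  return '' if raw == meta['empty_field']
  case type
  when 'count', 'int', 'port' then Integer(raw, 10)
  when 'time', 'interval', 'double' then Float(raw)
  when 'bool' then raw == 'T'
  else raw # string, addr, enum, subnet and unknown types stay text
  end
end

# Parse a whole log: header directives configure the parser, rows become hashes.
def parse_bro_log(text)
  meta = { 'set_separator' => ',', 'empty_field' => '(empty)', 'unset_field' => '-' }
  sep, fields, types, events = "\t", nil, nil, []
  text.each_line(chomp: true) do |line|
    if line.start_with?('#separator')
      # The separator is written escaped (\x09) after a literal space.
      sep = line.split(' ', 2)[1].gsub(/\\x(\h\h)/) { $1.hex.chr }
    elsif line.start_with?('#')
      key, *vals = line[1..-1].split(sep, -1)
      fields = vals if key == 'fields'
      types = vals if key == 'types'
      meta[key] = vals.first
    else
      cols = line.split(sep, -1)
      raise 'row does not match #fields/#types header' unless fields && types && cols.size == fields.size
      events << fields.zip(types, cols).map { |f, t, c| [f, convert(c, t, meta)] }.to_h
    end
  end
  events
end
```

Because the column names and types come from the log itself, a Bro script that appends a field changes the header and the parsed events together, with nothing to update on the ingest side.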