It seems we can enable 3 features which will capture lots of data. Is there anyway to fine tune this without logstash? Trying to save diskspace 
We are working on a filtering concept here: https://github.com/elastic/beats/issues/451
And for filebeat, include and exclude lines was just introduced: https://github.com/elastic/beats/pull/430 This feature is not release yet, so you would have to use the nightly build.
In addition, topbeat specific, you can select via a set of regexps which processes to collect information for. The bulk of the data collected is usually process data, so this is a very good way to reduce disk space.