Could not index event to Elasticsearch DataStream

You did not look closely.

index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"

Should be

index => "%{[@metadata][beat]}-%{[@metadata][version]}"

Without the date part at the end... I specifically put that so it uses what is known as the write alias.

Long story, but the way we configure it, Logstash does not know we are passing through a data stream (which would use that default). The data stream is set up by Metricbeat or Winlogbeat, whatever you're using, so we have to explicitly set that setting in Logstash so it can only create.

If you were to clean up and do it exactly as I showed you, you should get the exact result.
