I realise this is an old post, but it comes up on google, so my workaround for this is:
You can reconstruct the logs using the hostname, full filename and the "offset" that gets added as metadata to the log entry itself. The "offset" is the byte offset in the file that was shipped. If you query specifying an offset of +- a sensible amount,, then sort by offset you'll end up with the log file reconstructed. It's a pain to do though, and file rotation screws it up a bit (filter by timespan as well in that case).
I wrote (hacked) some custom panels for Kibana 3 to do this (GUI for reading logs) , but am hoping elastic might deliver it built into Kibana 5 instead...
The ELK stack badly needs an easy way to do this IMO - ironically given it's at heart a search engine, it's awesome at drawing graphs, but not at actually returning the text that has been indexed!