A slow/stale logstash should not result into an i/o timeout error. As Logstash should send a heartbeat signal every 5 seconds if a batch of events is in progress.
Where are filebeat and logstash running and how are they connected? Any firewalls, NAT, other network equipment in the middle, potentially closing/dropping connections?
As workaround, increase the timeout setting in the filebeat logstash output (defaults to 60 seconds). And see how it goes. I wonder if it's due to LS not sending the heartbeat, or network equipment.