Seems i have found the problem, some logs are working ok and some are not. Turns out that the logs that are not working use a circular logging format called clog.
Now the next question is can filebeat handel this changing the config or am i out of luck? Reverting back to syslog will be like having to turn in a ferrari and stapping in a lada 