Thanks.
On the HTTPS configuration, documentation refers to " The ssl.certificate and ssl.key settings are ONLY needed if Elasticsearch is configured to require client based PKI authentication"
Since the elasticsearch doesnt require client auth, it has been simplified with output looking like below:
output.elasticsearch: hosts: ["escluster.es.amazonaws.com"] protocol: https
Also I have log level set to debug, which gives me no additional trace than what I have mentioned earlier