I had the same problem. Couldn't find a way around it. Our (dirty) hack/workaround is to have a scheduled task running every 5 minutes to:
- shutdown logstash indexer
- copy the file
- restart logstash and index file
This is okay for us as we don't need perfectly real-time indexing at least it works reliably since a couple of months. It also solved the problems with locked resources we encountered before...