Did you install the latest index template from winlogbeat 6.0.0 to Elasticsearch? Since you are using Logstash you have to do in manually because the Beat isn't directly connection to ES.
# Write the template to disk.
PS> .\winlogbeat.exe export template | Out-File -Encoding UTF8 winlogbeat.template.json
# Install it to ES.
PS > Invoke-RestMethod -Method Put -ContentType "application/json" -InFile winlogbeat.template.json -Uri http://elasticsearch:9200/_template/winlogbeat-6.0.0
And after you have installed the index template to ES check your Logstash config to make sure that it is using a version in the index name like shown in these docs.
output {
elasticsearch {
hosts => "localhost:9200"
manage_template => false
index => "%{[@metadata][beat]}-%{[@metadata][version]}-%{+YYYY.MM.dd}"
document_type => "%{[@metadata][type]}"
}
}