For scp, "When copying a source file to a target file which already exists, scp will replace the contents of the target file (keeping the inode)." So I think that might be the non-optimal solution.
Does scp truncate the file first or does it overwrite the file in place? In the latter case you'll probably be fine, otherwise you'll probably need to write a script that runs after the rsync operation and either appends new lines to the files that Filebeat monitors or overwrites them in place.