This is a feature request but also a bug fix request too.
The current log stash version wikimedia uses is really old + it has a bug in the one in wikimedia uses where sometimes ssl will not work properly.
"Reverted a change in our harden SSL fix, that prevented Logstash Forwarder and Lumberjack output clients to connect to 1.5.3 instances (#3657)"
+ Logstash 2.x has more default plugins but some of those plugins are removed as default in 5.x.
This will also add support for elasticsearch 2.x