ELK

18 Oct 2024

Some ELK hacks that were difficult to google or learn

1. By default, when data is sent from Logstash to Elasticsearch with the elasticsearch {} plugin, an index with 2 shards is created: one primary and one replica.

This is not acceptable when you are limited on disk space.
I found only one solution for this problem - edit the corresponding Index Template in Kibana.

{
  "index": {
    "number_of_replicas": "0"
  }
}

This is needed because these are the default values when a new index is created:

index:
  number_of_shards: 1
  number_of_replicas: 1

Discussion on Stack Overflow: https://stackoverflow.com/questions/35615727/how-to-configure-logstash-to-create-an-elasticsearch-index/
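
An index template is applied only when an index is created, so indices that already exist keep their replica until their own settings are updated. The following is an added example, not code from the original post: it reads the output of GET _cat/indices?format=json&bytes=b and plans the per-index _settings updates, with the reclaimable replica size. The sample rows and the "logstash-" index prefix are assumptions.

```python
import json

# Constructed sample of `GET _cat/indices?format=json&bytes=b` output
# (index names and sizes are made up for illustration).
SAMPLE_CAT_INDICES = json.loads("""
[
  {"health": "green",  "index": "logstash-2024.10.16", "pri": "1", "rep": "1",
   "store.size": "2147483648", "pri.store.size": "1073741824"},
  {"health": "yellow", "index": "logstash-2024.10.17", "pri": "1", "rep": "1",
   "store.size": "524288000", "pri.store.size": "524288000"},
  {"health": "green",  "index": "logstash-2024.10.18", "pri": "1", "rep": "0",
   "store.size": "104857600", "pri.store.size": "104857600"},
  {"health": "green",  "index": ".kibana_1", "pri": "1", "rep": "1",
   "store.size": "20000", "pri.store.size": "10000"}
]
""")

# Same setting as in the index template above.
REPLICA_BODY = {"index": {"number_of_replicas": "0"}}


def plan_replica_removal(cat_rows, prefix="logstash-"):
    """Return (requests, reclaimable_bytes) for indices that still carry replicas.

    Only indices whose name starts with `prefix` (an assumed naming scheme)
    are touched, so system indices such as .kibana* are left alone.
    """
    requests, reclaimable = [], 0
    for row in cat_rows:
        if not row["index"].startswith(prefix) or int(row["rep"]) == 0:
            continue
        # Replica disk usage = total store minus primaries. It is 0 when the
        # replica is unassigned (single node, health "yellow").
        total = int(row.get("store.size") or 0)
        primary = int(row.get("pri.store.size") or 0)
        reclaimable += max(total - primary, 0)
        requests.append(("PUT", f"/{row['index']}/_settings", REPLICA_BODY))
    return requests, reclaimable


if __name__ == "__main__":
    reqs, freed = plan_replica_removal(SAMPLE_CAT_INDICES)
    for method, path, body in reqs:
        # Printed in the form accepted by Kibana Dev Tools.
        print(f"{method} {path}\n{json.dumps(body)}")
    print(f"# replica data on disk: {freed / 2**20:.0f} MiB")
```

With zero replicas, each shard exists on one node only, so losing that node loses the log data in it unless snapshots are kept.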

2. Some examples of Logstash configuration

https://github.com/newrelic/logstash-examples/