syslog

How to configure Syslog log collection with Elasticsearch+Kibana+Logstash?

Hello.
Tell me how to set up the collection of Syslog logs from hardware on Elasticsearch + Kibana + Logstash (ELK).
Hardware Zyxel Zywall, Eltex Tau and CentOS servers.
I did the server setup according to this article https://www.digitalocean.com/community/tutorials/h...
And
https://blog.devita.co/2014/09/04/monitoring-pfsen...
Sending logs from Zyxel is on port 514.
Output logs of this format

02-17-2015	15:29:07	Local1.Info	192.168.91.254	Feb 17 15:29:09 zywall-zw1100 CEF:0|ZyXEL|ZyWALL 1100||0|IKE|4|src=xxx.xxx.xxx.xxxdst=xx.xx.xx.xxspt=500 dpt=500 msg=Recv:[HASH][NOTIFY:R_U_THERE_ACK]

But the logs never come. I looked at the logs, everything seems to be fine. Where to dig further I do not know.
Disabled FirewallD and Selinux set SELINUX=permissive.
I am successfully logged into the web interface.
The actual configs for logstash
pastebin.com/wJYdNefH 01-inputs.conf
pastebin.com/CtevsM1T logstash.conf
pastebin.com/9aBPVzfL 10-syslog.conf
pastebin.com/ZaJqrcF9 30-outputs.conf
By the way, I don't see the process in htop logstash, is it supposed to be like this?