Elastic, Syslog-ng Kibana
Upgraded to latest of ES Stack, Kibana 5 and syslog-ng 3.9.1
I had a Kibana dashboard with a bar chart of unique count of systems that had sent a syslog heartbeat. So I could see any missed heartbeats for any host in the last 24 hours.
Post upgrade of syslog-ng, the host_from and host fields do not seem to come into ES as usable fields because they are not indexed. So visualizations "bar charts by unique 'host'" are broken. Has anyone seen this?
client-mode("http")
index("syslog-ng_${YEAR}.${MONTH}.${DAY}")
type("syslog") # Description: The type of the index. For example, type("test")
template("$(format-json --scope rfc3164 --scope nv-pairs --exclude R_DATE --key ISODATE)\n")