don't use reserved _timestamp

resources/elk6/pipeline/1000_nessus_process_file.conf

@@ -28,9 +28,9 @@ filter {
   if "nessus" in [tags] or "tenable" in [tags] {
 
     date {
-      match => [ "_timestamp", "UNIX" ]
+      match => [ "scan_time", "UNIX" ]
       target => "@timestamp"
-      remove_field => ["_timestamp"]
+      remove_field => ["scan_time"]
     }
 
     #If using filebeats as your source, you will need to replace the "path" field to "source"

resources/elk6/pipeline/2000_qualys_web_scans.conf

@@ -20,9 +20,9 @@ input {
 filter {
   if "qualys" in [tags] {
     date {
-      match => [ "_timestamp", "UNIX" ]
+      match => [ "scan_time", "UNIX" ]
       target => "@timestamp"
-      remove_field => ["_timestamp"]
+      remove_field => ["scan_time"]
     }
 
     grok {

resources/elk6/pipeline/3000_openvas.conf

@@ -21,9 +21,9 @@ input {
 filter {
   if "openvas_scan" in [tags] {
     date {
-      match => [ "_timestamp", "UNIX" ]
+      match => [ "scan_time", "UNIX" ]
       target => "@timestamp"
-      remove_field => ["_timestamp"]
+      remove_field => ["scan_time"]
     }
 
     grok {