Write a Logstash pipeline configuration that accepts raw syslog input over port 5000. The configuration should use the grok filter to parse the timestamp, log level, source IP, and message. Finally, output the parsed data into an Elasticsearch index named 'syslog-%{+YYYY.MM.dd}'. Explain how each part of the configuration works.