We've been hitting by regular out-of-sync journalbeat events.
Too old events that want to get written again on closed indices.
When logstash tries to write those into closed and/or freezed indices.
that creates errors.
So far, we work around it by triggering the manually installed script .
It parses error logs and opens up and unfreezes those necessary closed indices.
That allows logstash to do thy bidding.
And other processes are in charge of closing those indices again.
It'd be interesting to update the journalbeat to a superior version than
the current installed one which is old. At least, to check whether that spurious
We possibly want to upgrade with upstream versions as we are currently using an old
5.5 version we packaged or backported back in the day 
root@logstash0:~# dpkg -l journalbeat | grep ii ii journalbeat 5.5.0+git20170727.1-1~swh+1~bpo10+1 amd64 Journalbeat is a log shipper from systemd/journald to Logstash/Elasticsearch
 See comments below with some more details T3545#69778