Graylog 4, Apache, epoch microseconds to date

Try to use a pipeline rule like this, which uses the function parse_unix_milliseconds(). I divide the epoch in microseconds by 1000 to get the milliseconds required by the pipeline function.

rule "Epoch Convert"
when
  has_field("eventtime")
then
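  // eventtime holds epoch microseconds; divide by 1000 to get milliseconds
  let ts_millis = to_long($message.eventtime) / 1000;
  // convert epoch milliseconds to a date value
  let new_date = parse_unix_milliseconds(ts_millis);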
  set_field("epoch_timestamp", new_date);
  //set_field("timestamp", new_date);
end

Replace eventtime with your real field, which contains the epoch in microseconds. Uncomment the line //set_field("timestamp", new_date); if you want to replace the timestamp field with the epoch from Apache.
