Add filebeat modules

salt/filebeat/modules/osquery.yml.disabled

@@ -0,0 +1,15 @@
+# Module: osquery
+# Docs: https://www.elastic.co/guide/en/beats/filebeat/7.x/filebeat-module-osquery.html
+
+- module: osquery
+  result:
+    enabled: true
+
+    # Set custom paths for the log files. If left empty,
+    # Filebeat will choose the paths depending on your OS.
+    #var.paths:
+
+    # If true, all fields created by this module are prefixed with
+    # `osquery.result`. Set to false to copy the fields in the root
+    # of the document. The default is true.
+    #var.use_namespace: true