remove old Wazuh Hunt queries in defaults.yaml

salt/soc/defaults.yaml

@@ -1137,22 +1137,6 @@ soc:
             description: Show all Osquery Live Query results
             query: 'event.dataset: osquery_manager.result | groupby action_data.id action_data.query | groupby host.hostname'
             showSubtitle: true
-          - name: Wazuh/OSSEC Alerts
-            description: Show all Wazuh alerts at Level 5 or higher grouped by category
-            query: 'event.module:ossec AND event.dataset:alert AND rule.level:>4 | groupby rule.category rule.name'
-            showSubtitle: true
-          - name: Wazuh/OSSEC Alerts
-            description: Show all Wazuh alerts at Level 4 or lower grouped by category
-            query: 'event.module:ossec AND event.dataset:alert AND rule.level:<5 | groupby rule.category rule.name'
-            showSubtitle: true
-          - name: Wazuh/OSSEC Users and Commands
-            description: Show all Wazuh alerts grouped by username and command line
-            query: 'event.module:ossec AND event.dataset:alert | groupby user.escalated.keyword process.command_line'
-            showSubtitle: true
-          - name: Wazuh/OSSEC Processes
-            description: Show all Wazuh alerts grouped by process name
-            query: 'event.module:ossec AND event.dataset:alert | groupby process.name'
-            showSubtitle: true
           - name: Sysmon Events
             description: Show all Sysmon logs grouped by event type
             query: 'event.module:sysmon | groupby event.dataset'