Merge pull request #64 from weslambert/master

Logstash - Wazuh parsing updates

salt/logstash/files/dynamic/0006_input_beats.conf

@@ -15,6 +15,7 @@ filter {
       remove_tag => ["beat"]
       add_field => { "sensor_name" => "%{[beat][name]}" }
       add_field => { "syslog-host_from" => "%{[beat][name]}" }
+      remove_field => [ "beat", "prospector", "input", "offset" ]
     }
   }
   if [type] =~ "ossec" {
@@ -22,6 +23,7 @@ filter {
       rename => { "host" => "beat_host" }
       remove_tag => ["beat"]
       add_field => { "syslog-host_from" => "%{[beat][name]}" }
+      remove_field => [ "beat", "prospector", "input", "offset" ]
     }
   }
 }