Merge pull request #1427 from Security-Onion-Solutions/fix/wazuh_filebeat

Fix Filebeat config for Wazuh

salt/filebeat/etc/filebeat.yml

@@ -203,15 +203,14 @@ filebeat.inputs:
 
 - type: log
   paths:
-    - /wazuh/alerts/alerts.json
+    - /wazuh/archives/archives.json
   fields:
     module: ossec
-    dataset: alert
     category: host
   processors:
   - drop_fields:
       fields: ["source", "prospector", "input", "offset", "beat"]
-
+  pipeline: "ossec"
   fields_under_root: true
   clean_removed: false
   close_removed: false