Fix filebeat config

wazuh/Dockerfile

@@ -25,9 +25,6 @@ RUN yum --enablerepo=updates clean metadata && \
 RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm &&\
   rpm -i filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm && rm -f filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm
 
-RUN curl -so /etc/filebeat/filebeat.yml https://raw.githubusercontent.com/wazuh/wazuh/${TEMPLATE_VERSION}/extensions/filebeat/7.x/filebeat.yml &&\
-  chmod go+r /etc/filebeat/filebeat.yml
-
 RUN curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/${TEMPLATE_VERSION}/extensions/elasticsearch/7.x/wazuh-template.json &&\
   chmod go+r /etc/filebeat/wazuh-template.json
 
@@ -48,6 +45,10 @@ RUN chmod 755 /init.bash && \
    sync && /init.bash && \
    sync && rm /init.bash
 
+COPY config/filebeat.yml /etc/filebeat/
+
+RUN chmod go-w /etc/filebeat/filebeat.yml
+
 COPY config/etc/ /etc/
 
 # Setting volumes

wazuh/config/filebeat.yml

@@ -0,0 +1,21 @@
+
+# Wazuh - Filebeat configuration file
+filebeat.modules:
+  - module: wazuh
+    alerts:
+      enabled: true
+    archives:
+      enabled: false
+
+setup.template.json.enabled: true
+setup.template.json.path: '/etc/filebeat/wazuh-template.json'
+setup.template.json.name: 'wazuh'
+setup.template.overwrite: true
+setup.ilm.enabled: false
+output.elasticsearch:
+  hosts: ['http://elasticsearch:9200']
+  #ssl.certificate_authorities:
+  #ssl.certificate:
+  #ssl.key:
+  #username:
+  #password: