Review Indexer repository for legacy modules

[AlexRuiz7]

Description

As part of the Legacy Removal epic, we need to ensure there are no references for legacy stuff.

Tasks

In this repository:

• Check for references to OSSEC
• Check for references to removed daemons (see Legacy Removal)

[f-galland]

We are still relying on the old ossec path only in our integrations' compose files and pipeline files:

$ grep -Ril ossec | grep -Ev '.jar$|.jmod$|.zip$|^.gradle|.tar.gz$'
integrations/splunk/logstash/pipeline/manager-to-splunk.conf
integrations/elastic/logstash/pipeline/manager-to-elastic.conf
integrations/docker/compose.manager-elastic.yml
integrations/docker/compose.manager-splunk.yml
integrations/docker/compose.manager-opensearch.yml
integrations/opensearch/logstash/pipeline/manager-to-opensearch.conf
integrations/tools/events-generator/wazuh-alerts/alerts.json
integrations/tools/events-generator/run.py

However, we cannot remove these until the manager itself stops using these directories.

[f-galland]

No references to the legacy modules whatsoever:

fede@tyner:~/src/wazuh-indexer (303-remove-legacy-references)
$ grep -REl 'wazuh-agentd|wazuh-agentlessd|wazuh-analysisd|wazuh-apid|wazuh-authd|wazuh-clusterd|wazuh-csyslogd|wazuh-db|wazuh-dbd|wazuh-execd|wazuh-integratord|wazuh-logcollector|wazuh-maild|wazuh-modulesd|wazuh-remoted|wazuh-reportd|wazuh-syscheckd'
fede@tyner:~/src/wazuh-indexer (303-remove-legacy-references)

[AlexRuiz7]

Blocked until we know the new path for the alerts.json file in 5.0.0.

The references to ossec come from the path of this file in our development environments for the third-party integrations.

/var/ossec/logs/alerts/alerts.json

[AlexRuiz7]

Integrations with the Manager will no longer exist for 5.0.0.

We can safely remove these environments.