Add states-inventory-processes index template definition (#401)

* Add stateless index template definition

Event generator is pending

* Update to 8.11.0

* Adding template mappings and settings for states-inventory-processes index

* Fix indentation issue in subset.yml

* Add process.tty as a custom field

* Update states-inventory-processes index template definition

* Remove events generators

* Remove duplicated code

* Remove hidden flag on index template

---------

Co-authored-by: Álex Ruiz <[email protected]>

ecs/states-inventory-processes/fields/custom/agent.yml

@@ -0,0 +1,12 @@
+---
+- name: agent
+  title: Wazuh Agents
+  short: Wazuh Inc. custom fields.
+  type: group
+  group: 2
+  fields:
+    - name: groups
+      type: keyword
+      level: custom
+      description: >
+        The groups the agent belongs to.

ecs/states-inventory-processes/fields/mapping-settings.json

@@ -0,0 +1,4 @@
+{
+    "dynamic": "strict",
+    "date_detection": false
+}

ecs/states-inventory-processes/fields/subset.yml

@@ -0,0 +1,42 @@
+---
+name: wazuh-states-inventory-processes
+fields:
+  base:
+    fields:
+      "@timestamp": {}
+      tags: []
+  agent:
+    fields:
+      id: {}
+      groups: {}
+  process:
+    fields:
+      pid: {}
+      name: ""
+      parent:
+        fields:
+          pid: {}
+      command_line: ""
+      args: ""
+      user:
+        fields:
+          id: ""
+      real_user:
+        fields:
+          id: ""
+      saved_user:
+        fields:
+          id: ""
+      group:
+        fields:
+          id: ""
+      real_group:
+        fields:
+          id: ""
+      saved_group:
+        fields:
+          id: ""
+      start: {}
+      thread:
+        fields:
+          id: ""

ecs/states-inventory-processes/fields/template-settings-legacy.json

@@ -0,0 +1,18 @@
+{
+  "index_patterns": ["wazuh-states-inventory-processes*"],
+  "order": 1,
+  "settings": {
+    "index": {
+      "number_of_shards": "1",
+      "number_of_replicas": "0",
+      "refresh_interval": "5s",
+      "query.default_field": [
+        "agent.id",
+        "agent.groups",
+        "process.name",
+        "process.pid",
+        "process.command_line"
+      ]
+    }
+  }
+}

ecs/states-inventory-processes/fields/template-settings.json

@@ -0,0 +1,20 @@
+{
+  "index_patterns": ["wazuh-states-inventory-processes*"],
+  "priority": 1,
+  "template": {
+    "settings": {
+      "index": {
+        "number_of_shards": "1",
+        "number_of_replicas": "0",
+        "refresh_interval": "5s",
+        "query.default_field": [
+          "agent.id",
+          "agent.groups",
+          "process.name",
+          "process.pid",
+          "process.command_line"
+        ]
+      }
+    }
+  }
+}