Defined sys. audit files for both linux and windows & removed auxilia…

…ry var.

manifests/params_agent.pp

@@ -73,9 +73,6 @@
 
  $active_response_ca_verification = 'yes'
 
- ## system audit
- $ossec_rootcheck_system_audit = $::wazuh::params_agent::default_rootcheck_system_audit
-
  # OS specific configurations
  case $::kernel {
  'Linux': {
@@ -119,6 +116,10 @@
  $ossec_rootcheck_rootkit_files = '/var/ossec/etc/shared/rootkit_files.txt'
  $ossec_rootcheck_rootkit_trojans = '/var/ossec/etc/shared/rootkit_trojans.txt'
  $ossec_rootcheck_skip_nfs = 'yes'
+ $ossec_rootcheck_system_audit = [
+ "/var/ossec/etc/shared/system_audit_rcl.txt",
+ "/var/ossec/etc/shared/system_audit_ssh.txt",
+ ]
 
  # SCA
 
@@ -236,11 +237,6 @@
 
  $manage_repo = true
 
- $default_rootcheck_system_audit = [
- "./shared/system_audit_rcl.txt",
- "./shared/system_audit_ssh.txt",
- ]
-
  case $::osfamily {
  'Debian': {
  $service_has_status = false
@@ -409,6 +405,7 @@
  $ossec_rootcheck_windows_disabled = 'no'
  $ossec_rootcheck_windows_windows_apps = './shared/win_applications_rcl.txt'
  $ossec_rootcheck_windows_windows_malware = './shared/win_malware_rcl.txt'
+ $ossec_rootcheck_system_audit = []
 
  # sca
  $sca_windows_enabled = 'yes'