Add the ability to change the default `manager.name` filter (better server migration support)

[theblackhole]

There's a problem with the current default filter system : you can't change the manager.name filter. This is an issue when you migrate your data from one server to another and they don't have the same name.

Indeed, we had an old wazuh server called wazuh-server. We had to shut it down but we still need to search old data so I deployed a less powerful/expensive archive server called wazuh-archive. I followed the backup-restore procedure described in the documentation in order to migrate the data to the archive server. With some tweaks related to the small RAM, everything worked (including restoring old logs)

The problem is that because of the default filter manager.name which is automatically set to the name of the current server and which cannot be changed, it is impossible to show the security events of the old server wazuh-server.

I know logs has been indexed because when I create a new filter, the old server appears in the list...

...but of course I can't use them together

Update : I deployed a new wazuh archive server with the same hostname as the old one (wazuh-server) and it worked. This confirms that my backups are good and that it is indeed a problem with the default filter behaviour

[paulo-gervilla]

Same problem here!