Capturing all coming logs and visualizing them can be a requirement andenabling that option in an on-prem environment can be achieved as describedin the official guide here https://documentation.wazuh.com/4.4/user-manual/manager/wazuh-archives.html; however, In K8s, restarting theFilebeat service causes restarting the Wazuh manager pod which will wipeup the changes and revert the initial configuration (archives disabled). This article describes…