Complete "full demo" example with Wazuh sample events

[misje]

The full demo docker-compose example lacks logic to populate Wazuh with demo events. Create a docker image that runs once, calling

1. docker run --rm -w "/home/node/app" -v "$(pwd):/home/node/app" node:lts-alpine node cli.js --all-modules --format bulk-api --index wazuh-alerts-4.x-sample > output.ndjson
2. curl -k -u 'admin:SecretPassword' https://localhost:9200/_bulk -H "Content-Type: application/x-ndjson" --data-binary "@output.ndjson"
3. Add missing "@timestamp" column:

curl -k -u 'admin:SecretPassword' -X POST https://localhost:9200/wazuh-alerts-*/_update_by_query -H "Content-Type: application/json" -d "$(cat <<EOF
{
"script": {
  "source": "String timestamp = ctx._source['timestamp']; if (timestamp != null) { DateTimeFormatter inputFormatter = DateTimeFormatter.ofPattern(\"yyyy-MM-dd'T'HH:mm:ss.SSSZ\"); ZonedDateTime parsedTime = ZonedDateTime.parse(timestamp, inputFormatter); String formattedTime = DateTimeFormatter.ISO_INSTANT.format(parsedTime); ctx._source['@timestamp'] = formattedTime; }",
  "lang": "painless"
}
}
EOF
)"

Use patched misje/wazuh-dashboard-plugins as a referene, since the Wazuh maintainers have not provided any feedback on my pull request to fix invalid IP addresses and invalid SHA-256 hashes in the example data. The entrypoint needs to patientely wait for OpenSearch to become available.