Find a way for the system-log input to report the correct input.type when it delegates to other inputs

[belimawr]

The system-logs input is a "proxy input" that decides whether journald or log should be used as input for Filebeat's system module. At the moment of writing it is intended to be used only by the system integraiton.

One problem with the current implementation is that the input.type set in the event is system-logs instead of the actual name of the input running/collecting the data.

As a quick fix, we're overwriting input.type using ES ingest pipelines, however this is not ideal. This issue is about finding a way to get this fixed within Filebeat and have input.type correctly set.

• Relates: Investigate the best way to decide when to read system logs from files or journald #40526
• Relates: Correctly set 'input.type' when using the system integration #41246

[elasticmachine]

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)

[pierrehilbert]

Following the revert here: #41489
Should we keep this one open?

[belimawr]

We haven't deleted the input yet, we just reverted its usage, I'd keep it open for now, at least until we decide how we're handling journald in Filebeat's system module.