[System module] Only one instance of Journald runs when both syslog and auth filesets are enabled

[belimawr]

1. Branch off main and merge onto it:
   i. Read journal entries from all boots #41244
   ii. system-logs input ignores folders and add tests #41296
   iii. Add the missing process.name field to System module, Syslog fileset #41354

2. Package Filebeat

3. Run the setup command

   ./filebeat setup --modules system
   

4. Run Filebeat with the following filebeat.yml and modules.d/system.yml

   filebeat.yml

   filebeat.inputs:
     - type: journald
       id: my-journald-normal-input
       tags:
          - journald-input
     - type: filestream
       id: my-filestream-id
       paths:
         - /tmp/flog.log
   
   filebeat.config.modules:
     path: ${path.config}/modules.d/*.yml
     reload.enabled: false
     reload.period: 1s
   
   setup.template:
     settings:
       index.number_of_shards: 1
   
   setup.kibana:
     host: "http://kibana:5601"
     username: admin
     password: testing
     ssl.verification_mode: none
   
   output.elasticsearch:
     hosts: ["http://elasticsearch:9200"]
     preset: latency
     protocol: "http"
   
     username: admin
     password: testing
     ssl.verification_mode: none

   modules.d/system.yml

   - module: system
     syslog:
       enabled: true
       var.use_journald: true
       input:
         tags:
           - from-journald
   
     auth:
       enabled: true
       var.use_journald: true
       var.tags:
         - from-journald

5. Go to Discover in Kibana, filter by tags: from-journald

6. Look at fileset.name from the events, there will be only one fileset instead of two, it's random

7. GOTO 1, you might find a different fileset on 5.

[elasticmachine]

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)