Hi Srikar,
Although we provide very little documentation about it, Wazuh has indeed integration with ClamAV. To be more precise, it can fetch and decode ClamAV's logs. This can be achieved by two ways:
1º Forward every ClamAV log to Syslog(/var/log/syslog).
Uncomment LogSyslog true in /etc/clamav/clamd.conf . Wazuh reads by default said file, so no further work is needed.
2º Read from ClamAV's default log file(/var/log/clamav/freshclam.log)
If for whatever reason you don't want to enable Syslog, Wazuh can decode other files as long as they use Syslog format, such as freshclam.log. Just write the following lines in the agent's configuration file(/var/ossec/etc/ossec.conf):
<localfile>
<log_format>syslog</log_format>
<location>/var/log/clamav/freshclam.log</location>
</localfile>
Hope it helps,
Fernando