panw_cortex_xdr.alerts: Support alerts v2 API

[kcreddy]

Proposed commit message

v1 alerts API is marked legacy as per API doc.

Add v2 alerts API using CEL input. Although the v1 API is marked 
legacy, it is still working for certain users. Hence, there is separation
of v1 and v2 pipelines. 

Added a deprecation notice to v1 API in the integration.

Note

Prerequisite: #12857 must be merged to fix failing tests.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

Added v2 sample logs to pipeline and system tests. Pipeline and system tests should pass.

Pipeline tests:

--- Test results for package: panw_cortex_xdr - START ---
╭─────────────────┬─────────────┬───────────┬───────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE         │ DATA STREAM │ TEST TYPE │ TEST NAME                                         │ RESULT │ TIME ELAPSED │
├─────────────────┼─────────────┼───────────┼───────────────────────────────────────────────────┼────────┼──────────────┤
│ panw_cortex_xdr │ alerts      │ pipeline  │ (ingest pipeline warnings test-panw-xdr-bioc.log) │ PASS   │ 340.011125ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ (ingest pipeline warnings test-panw-xdr-v2.log)   │ PASS   │ 360.285625ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ (ingest pipeline warnings test-panw-xdr.log)      │ PASS   │   383.7755ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ (ingest pipeline warnings test-reprocess.json)    │ PASS   │ 358.639084ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ test-panw-xdr-bioc.log                            │ PASS   │ 107.528625ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ test-panw-xdr-v2.log                              │ PASS   │ 146.064333ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ test-panw-xdr.log                                 │ PASS   │ 195.263583ms │
│ panw_cortex_xdr │ alerts      │ pipeline  │ test-reprocess.json                               │ PASS   │  62.740334ms │
╰─────────────────┴─────────────┴───────────┴───────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: panw_cortex_xdr - END   ---
Done

System tests (passed after fix in #12857 is implemented):

--- Test results for package: panw_cortex_xdr - START ---
╭─────────────────┬─────────────┬───────────┬───────────┬────────┬───────────────╮
│ PACKAGE         │ DATA STREAM │ TEST TYPE │ TEST NAME │ RESULT │  TIME ELAPSED │
├─────────────────┼─────────────┼───────────┼───────────┼────────┼───────────────┤
│ panw_cortex_xdr │ alerts      │ system    │ cel       │ PASS   │ 37.974077084s │
│ panw_cortex_xdr │ alerts      │ system    │ httpjson  │ PASS   │ 39.165434792s │
╰─────────────────┴─────────────┴───────────┴───────────┴────────┴───────────────╯
--- Test results for package: panw_cortex_xdr - END   ---
Done

Related issues

• Closes [Palto Alto Cortex ]: Palto Alto Cortex Integration Alerts collection Issue #12526

Screenshots

[elastic-vault-github-plugin-prod]

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

[elasticmachine]

💔 Build Failed

• Buildkite Build
• Commit: b5ed3b0

Failed CI Steps

• Check integrations panw_cortex_xdr

History

• 💔 Build #22486 failed fa527ef
• 💔 Build #22449 failed fffbfba
• 💚 Build #22210 succeeded 53f34b0
• 💔 Build #22139 failed 837e7e2
• 💔 Build #22130 failed f54b6b9

cc @kcreddy

[elastic-sonarqube]

Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube

[elasticmachine]

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)