Increase ignore_above for a few fields that can clearly contain longer legit values

[webmat]

Let's build a list here:

• file.path (4096 chars on Linux, check for Windows)
• file.target_path

[latundetoks]

event_data.CommandLine event_data.ScriptBlockText

Not sure where these Windows event_data.* fields go yet. No real conclusions https://github.com/elastic/ecs/issues/188#issuecomment-445392091

[praseodym]

Same for:

• url.original
• url.full
• url.path
• url.query
• url.fragment

[webmat]

Will spend a bit more time on all of this soon.

But one thing that would be helpful, if you know off the top of your head, is also mention the desired value.

For example, I'm pretty sure the file paths on Linux are 4k. Need to check on the Windows side and pick the highest.

Same for URL, I have a vague recollection of hearing about 2k according to the specs, but I think in reality browsers and servers support longer than that.

So if you remember any off the top of your head, please include the numbers. We'll look it up before making all this official :-)