mimecast: add support for v2 API endpoints

efd6 commented 2 days ago

Proposed commit message

Migrate the message_release_logs agent to the Mimecast v2 API and add v2 API
agents for:

* archive_search_logs
* audit_events
* dlp_logs
* threat_intel_malware_customer
* threat_intel_malware_grid
* ttp_ap_logs
* ttp_ip_logs
* ttp_url_logs

The migration of message_release_logs means that this is a breaking change.

[!NOTE] The addition of siem_logs v2 support depends in a stack upgrade, so that will be done in a future PR so that users on v8.14.x can get the benefit of the v2 change for the other endpoints.

[!NOTE] Test vectors for the ttp_ip_logs were not available from the test instance. If they become available they will be added. In the meantime, the change here uses v1 data via a v2 API call structure. This is likely OK since the majority of v2 data shapes match the v1 shape.

[!NOTE] Best reviewed commit-wise.

The commits can be grouped in to families:

common:

archive_search_logs

dlp_logs

message_release_logs

ttp_ap_logs

ttp_ip_logs

ttp_url_logs

audit

audit_events

malware:

threat_intel_malware_customer

threat_intel_malware_grid

Checklist

[ ] I have reviewed tips for building integrations and this pull request is aligned with them.
[ ] I have verified that all data streams collect metrics or logs.
[ ] I have added an entry to my package's changelog.yml file.
[ ] I have verified that Kibana version constraints are current according to guidelines.
[ ] I have verified that any added dashboard complies with Kibana's Dashboard good practices