With the switch to remove version numbers from the event log index name, when new mappings are added to the event log, they are not applied on upgrade from a previous version, only on a fresh installation. This is because we only install event log resources when we detect that they don't exist; we don't update them. We could either roll over the data stream indices on Kibana restart (although that could cause a lot of small backing indices) or do what we do with AAD indices and update the mappings of existing concrete indices if they exist.