[EDR Workflows] Get host details from CrowdStrike API

[tomsonpl]

Summary

This PR introduces functionality to fetch host details from the CrowdStrike API via our connector when no corresponding host document is found in Elasticsearch. This ensures we have a fallback mechanism to retrieve essential data directly from CrowdStrike, improving data availability and resilience in edge cases.

Key Changes

• New Method: Implemented functionality to query the CrowdStrike API through the connector for host details when Elasticsearch lacks the necessary document.
• Integration: Incorporated the new fallback mechanism into the getAgentStatuses method.
• Error Handling: Enhanced logging and error management to handle scenarios where neither Elasticsearch nor the CrowdStrike API returns host details.

Why this is needed?

This change addresses gaps in host data when Elasticsearch lacks the necessary documents. By adding the CrowdStrike API as a fallback, we ensure seamless retrieval of agent status information, enhancing the reliability and accuracy of our system.

[tomsonpl]

/ci

[tomsonpl]

/ci

[elasticmachine]

Pinging @elastic/security-defend-workflows (Team:Defend Workflows)

[elasticmachine]

:yellow_heart: Build succeeded, but was flaky

• Buildkite Build
• Commit: afeadddc617b58486b594899ac8b05770e76d151

Failed CI Steps

• Jest Tests #8

Test Failures

• [job] [logs] Jest Tests #8 / Category can submit without setting a category

Metrics [docs]

✅ unchanged

History

• :yellow_heart: Build #253838 was flaky cb414e964b3314d4f263c0bee3e9676c7bb76311
• :green_heart: Build #253565 succeeded ac057fe5e94cb39e8cba89c2e1f9f2df5bf9535a
• :broken_heart: Build #253505 failed f237ced56e4f047e954141829a772075c829a92d

cc @tomsonpl