This work represents an effort to make LS' AWS patterns ECS compliant and up-to-date.
LS only supports a few patterns from the AWS family, as opposed to Beats. For such patterns (S3_ACCESS_LOG and ELB_ACCESS_LOG) we usually follow the Beat counterpart to provide compatibility in terms of capture names.
This isn't the case for CLOUDFRONT_ACCESS_LOG which Beats has no support for.
As usual, while looking at these, some minor fixes were made to bring matching up-to-date while maintaining backwards compatibility.
There are also 2 minor fixes for the legacy pattern.
@ebeahan @webmat if you guys find some time for a review, it's a draft as some finishing touches will follow
but pretty much done in terms of ECS with a couple open points as outlined in the comments above ... :bow:
NOTE: marked as draft as this needs a rebase to re-use the URIQUERY pattern from: https://github.com/logstash-plugins/logstash-patterns-core/pull/262