opensearch-project / security-analytics

Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailor the pre-packaged solution.
Apache License 2.0

[BUG] Can't upsert index template for concrete index while creating detectors on datastream indices #1415

Open kritikashahi opened 1 week ago

kritikashahi commented 1 week ago

What is the bug? When creating detectors in security analytics on datastream indices, detector creation fails with the error: Can't upsert index template for concrete index. Also, the datastream indices are not showing up in the dropdown for Select indexes/aliases.

How can one reproduce the bug? Steps to reproduce the behavior:

  1. Go to security analytics -> create a detector.
  2. Enter the custom datastream index pattern (as datastreams are not showing up).
  3. Fill in the other details and click on next.
  4. Add alert trigger details and click on create detector.

What is the expected behavior? The detector should be created successfully.

What is your host/environment?

Additional Context: Detector is created successfully when using a specific data stream index instead of using the datastream name (pattern) to create the detector.

lyradc commented 6 days ago

When attempting to create a detector referencing a datastream name the following error is returned: [illegal_argument_exception] composable template [datastream] with index patterns [datastream_ds*], priority [150] would cause data streams [datastream_ds] to no longer match a data stream template

When attempting to create a detector referencing a datastream's backing index the detector is created but then the following error is presented: image
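The validation behind the illegal_argument_exception quoted above (a composable template with a higher priority and no data_stream section "stealing" the match for an existing data stream), reimplemented as an added example for checking a cluster's template set before a detector is created. This is not code from the security-analytics project or from OpenSearch; the template and data stream values are constructed, and the shape of CANDIDATE is a hypothetical guess at the template the detector upserts, based only on the name, pattern and priority in the error message.

```python
import re
from typing import Dict, List, Optional

# Constructed sample data: one template that backs the data stream "datastream_ds".
EXISTING_TEMPLATES: Dict[str, dict] = {
    "datastream_ds_template": {
        "index_patterns": ["datastream_ds*"],
        "priority": 100,
        "data_stream": {},  # presence of this key marks a data-stream template
    },
}
DATA_STREAMS: List[str] = ["datastream_ds"]

# Hypothetical reconstruction of the template from the error message:
# name "datastream", pattern "datastream_ds*", priority 150, no data_stream section.
CANDIDATE_NAME = "datastream"
CANDIDATE = {"index_patterns": ["datastream_ds*"], "priority": 150}


def pattern_matches(pattern: str, name: str) -> bool:
    """Match an index pattern where only '*' is a wildcard (no '?' or character classes)."""
    regex = ".*".join(re.escape(part) for part in pattern.split("*"))
    return re.fullmatch(regex, name) is not None


def winning_template(templates: Dict[str, dict], name: str) -> Optional[str]:
    """Return the highest-priority template whose patterns match `name`, or None."""
    best: Optional[str] = None
    for tname, tmpl in templates.items():
        if not any(pattern_matches(p, name) for p in tmpl["index_patterns"]):
            continue
        if best is None or tmpl.get("priority", 0) > templates[best].get("priority", 0):
            best = tname
    return best


def broken_data_streams(existing: Dict[str, dict], data_streams: List[str],
                        candidate_name: str, candidate: dict) -> List[str]:
    """Data streams that would no longer resolve to a data-stream template
    once `candidate` is upserted (same name replaces an existing template)."""
    merged = dict(existing)
    merged[candidate_name] = candidate
    broken = []
    for ds in data_streams:
        winner = winning_template(merged, ds)
        if winner is None or "data_stream" not in merged[winner]:
            broken.append(ds)
    return broken


if __name__ == "__main__":
    print(broken_data_streams(EXISTING_TEMPLATES, DATA_STREAMS, CANDIDATE_NAME, CANDIDATE))
```

Running the check with the constructed data reports datastream_ds as broken, which is the condition the cluster rejects; the same candidate with a priority below 100, or with a data_stream section, passes.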