crowdstrike: clean up ingest pipeline

Use codegen for the pipeline. While doing this remove duplicated
processors, add tags to all processors, and group processors somewhat
more logically.

[git-generate]
SHA=54781ceda31cbf6b74a434549c6eeb1652e0065c
git clone --depth=1 [email protected]:efd6/fdr_gen.git
(
cd fdr_gen
git fetch --depth=1 origin ${SHA}
INGEST=../packages/crowdstrike/data_stream/fdr/elasticsearch/ingest_pipeline
go run ./default.go -out ${INGEST}/default.yml
go run ./categorize.go -out ${INGEST}/categorize.yml
go run ./data_protection.go -out ${INGEST}/data_protection_detection_summary.yml
go run ./network.go -dir inbound -out ${INGEST}/inbound_network.yml
go run ./network.go -dir outbound -out ${INGEST}/outbound_network.yml
)
rm -rf fdr_gen

cd packages/crowdstrike
elastic-package changelog add --description "Improve ingest pipeline maintainability." --type enhancement --next minor --link #16213

Author: efd6

packages/crowdstrike/changelog.yml

@@ -1,9 +1,13 @@
 # newer versions go on top
+- version: "2.11.0"
+  changes:
+    - description: Improve ingest pipeline maintainability.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/16213
 - version: "2.10.0"
   changes:
     - description: >-
-        Provide an alternate endpoint to query host data for GovCloud CIDs.
-        The GovCloud CIDs must enable the `GovCloud` flag in the integration configuration to ensure the correct endpoint is used.
+        Provide an alternate endpoint to query host data for GovCloud CIDs. The GovCloud CIDs must enable the `GovCloud` flag in the integration configuration to ensure the correct endpoint is used.
       type: enhancement
       link: https://github.com/elastic/integrations/pull/16007
 - version: "2.9.0"
@@ -62,8 +66,7 @@
 - version: "2.2.0"
   changes:
     - description: >-
-        Migrate to the "/spotlight/combined/vulnerabilities/v1" endpoint for vulnerability data.
-        Add support for the `facet` query parameter to control what data is returned in the API response.
+        Migrate to the "/spotlight/combined/vulnerabilities/v1" endpoint for vulnerability data. Add support for the `facet` query parameter to control what data is returned in the API response.
       type: enhancement
       link: https://github.com/elastic/integrations/pull/15049
 - version: "2.1.0"
@@ -78,12 +81,7 @@
       link: https://github.com/elastic/integrations/pull/15019
 - version: "2.0.0"
   changes:
-    - description: | 
-        Data deduplication is now disabled by default for the FDR data stream when configured with the aws-s3 input. 
-        Previously, the FDR data stream automatically handled deduplication by computing an Elasticsearch document _id 
-        using the aws-s3 input. To prevent duplicate documents, you must now explicitly enable the Data Deduplication setting. 
-        While enabling this setting prevents duplicates, it may result in a lower indexing rate because Elasticsearch 
-        must check for existing documents before indexing.
+    - description: "Data deduplication is now disabled by default for the FDR data stream when configured with the aws-s3 input. \nPreviously, the FDR data stream automatically handled deduplication by computing an Elasticsearch document _id \nusing the aws-s3 input. To prevent duplicate documents, you must now explicitly enable the Data Deduplication setting. \nWhile enabling this setting prevents duplicates, it may result in a lower indexing rate because Elasticsearch \nmust check for existing documents before indexing.\n"
       type: breaking-change
       link: https://github.com/elastic/integrations/pull/14762
 - version: "1.80.0"