aws using invalid field values according to ECS

[jsoriano]

[0] parsing field value failed: field "event.category"'s value "network_traffic" is not one of the allowed values (authentication, configuration, database, driver, file, host, iam, intrusion_detection, malware, network, package, process, registry, session, threat, web)
[1] parsing field value failed: field "event.outcome"'s value "allow" is not one of the allowed values (failure, success, unknown)
[2] parsing field value failed: field "event.outcome"'s value "deny" is not one of the allowed values (failure, success, unknown)
[3] parsing field value failed: field "event.type"'s value "flow" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)

"network_traffic" => "network"
"allow" => "success"
"deny" => "failure"
"flow" => "connection"?

Part of #3016

[jsoriano]

@elastic/obs-cloud-monitoring do you have a timeline for this issue? This is blocking elastic/elastic-package#771. Thanks!

[kaiyan-sheng]

@jsoriano Sorry about that!! Let me start a PR on this and we might need some help from the security team to review the changes.