fireeye using invalid field values according to ECS

[jsoriano]

[0] parsing field value failed: field "event.type"'s value "dns" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)
[1] parsing field value failed: field "event.type"'s value "fileinfo" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)
[2] parsing field value failed: field "event.type"'s value "flow" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)
[3] parsing field value failed: field "event.type"'s value "tls" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)

Part of #3016

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[jsoriano]

Reopening as there seems to be still issues: https://beats-ci.elastic.co/blue/organizations/jenkins/Ingest-manager%2Fintegrations/detail/PR-3017/3/tests

one or more errors found in document: [0] parsing field value failed: field "event.type"'s value "flow" is not one of the allowed values (access, admin, allowed, change, connection, creation, deletion, denied, end, error, group, indicator, info, installation, protocol, start, user)