[system] Missing event.original mappings

[andrewkroh]

A mapping for event.original is missing from the auth and security data streams.

# Data streams that support preserve_original_event.
% find . -name '*.hbs*' | xargs grep preserve_original_event$
./data_stream/security/agent/stream/httpjson.yml.hbs:  - preserve_original_event
./data_stream/auth/agent/stream/log.yml.hbs:  - preserve_original_event
./data_stream/system/agent/stream/httpjson.yml.hbs:  - preserve_original_event
./data_stream/application/agent/stream/httpjson.yml.hbs:  - preserve_original_event

# Check if event.original exists in fields.yml files.
% go install github.com/andrewkroh/go-examples/fields-yml@main
% for i in $(find system/data_stream -maxdepth 1 | grep -E '/(security|auth|system|application)$'); do fields-yml -w=false $i/fields/*.yml | grep -q ^event.original && echo Found in $i || echo Missing from $i; done 
Missing from system/data_stream/security
Missing from system/data_stream/auth
Found in system/data_stream/system
Found in system/data_stream/application

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[elasticmachine]

Pinging @elastic/elastic-agent-data-plane (Team:Elastic-Agent-Data-Plane)