Azure Firewall integration

[ebeahan]

What does this PR do?

This PR adds a new integration for Azure Firewall.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

cd packages/azure
elastic-package test pipeline

Related issues

Relates to #1205

Screenshots

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-07-08T14:17:03.279+0000

• Duration: 15 min 58 sec

Test stats 🧪

Test	Results
Failed	0
Passed	105
Skipped	0
Total	105

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (7/7)	💚
Files	81.25% (13/16)	👎 -15.676
Classes	81.25% (13/16)	👎 -15.676
Methods	80.451% (107/133)	👎 -8.894
Lines	81.81% (1853/2265)	👎 -8.403
Conditionals	100.0% (0/0)	💚

[efd6]

network_traffic has this as a long for the icmp datastream, but kubernetes has it as a keyword for an HTTP request code. I can't see it defined, so is there a preference?

[ebeahan]

Unless a numeric field needs to support range queries, ES recommends keyword for the better term query performance.

For ICMP messages, I think users are more likely query for a specific request code than across a range.

[ebeahan]

Last round of comments have been addressed - ready for another review round.

[ebeahan]

Thanks for the feedback, @efd6. I've incorporated your suggestions.

[efd6]

LGTM

[ebeahan]

@elastic/obs-cloud-monitoring would you also please review as package owners?

[kaiyan-sheng]

LGTM!