[Security Solution][Detections] Add size param to search for previous threshold signals

[marshallmain]

Summary

Closes #90753
The default number of buckets returned is only 10, so if a threshold rule triggered with more than 10 different values then some values would not be correctly filtered out on the next rule run. This PR increases the number of buckets to 10000, matching the max number of buckets in the aggregation that finds new signals.

Checklist

Delete any items that are not applicable to this PR.

• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Documentation was added for features that require explanation or tutorials
• Unit or functional tests were updated or added to match the most common scenarios
• Any UI touched in this PR is usable by keyboard only (learn more about keyboard accessibility)
• Any UI touched in this PR does not create any new axe failures (run axe in browser: FF, Chrome)
• If a plugin configuration key changed, check if it needs to be allowlisted in the cloud and added to the docker list
• This renders correctly on smaller devices using a responsive layout. (You can test this in your browser)
• This was checked for cross-browser compatibility

For maintainers

• This was checked for breaking API changes and was labeled appropriately

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[marshallmain]

@elasticmachine merge upstream

[marshallmain]

@elasticmachine merge upstream

[kibanamachine]

💚 Build Succeeded

• continuous-integration/kibana-ci/pull-request
• Commit: cf5c955

Metrics [docs]

✅ unchanged

History

• 💔 Build #105242 failed 7255ab0

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream