feat: Preserve event.original when pipeline errors in integration-experience integrations (part 2)

[taylor-swanson]

Proposed commit message

• Add append processor to pipeline on_failure handlers to preserve event.original.
• Add append processor to pipeline to preserve event.original if error.message is set.

Integrations

• citrix_waf
• endace
• fortinet_fortiedr
• fortinet_fortigate
• fortinet_fortimail
• fortinet_fortimanager
• fortinet_fortiproxy
• goflow2
• hashicorp_vault
• hpe_aruba_cx

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
  - [ ] I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

• Relates Retain event.original value upon pipeline errors #12045
• Relates elastic/integration-experience#292

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 78e4698

History

• 💚 Build #33387 succeeded 766916f
• 💔 Build #33379 failed 6b6fb30

cc @taylor-swanson

[elasticmachine]

Pinging @elastic/integration-experience (Team:Integration-Experience)

[elasticmachine]

Pinging @elastic/sec-linux-platform (Team:Security-Linux Platform)

[elastic-vault-github-plugin-prod]

Package citrix_waf - 1.19.0 containing this change is available at https://epr.elastic.co/package/citrix_waf/1.19.0/

[elastic-vault-github-plugin-prod]

Package endace - 0.2.0 containing this change is available at https://epr.elastic.co/package/endace/0.2.0/

[elastic-vault-github-plugin-prod]

Package fortinet_fortiedr - 1.20.0 containing this change is available at https://epr.elastic.co/package/fortinet_fortiedr/1.20.0/

[elastic-vault-github-plugin-prod]

Package fortinet_fortigate - 1.36.0 containing this change is available at https://epr.elastic.co/package/fortinet_fortigate/1.36.0/

[elastic-vault-github-plugin-prod]

Package fortinet_fortimail - 2.17.0 containing this change is available at https://epr.elastic.co/package/fortinet_fortimail/2.17.0/

[elastic-vault-github-plugin-prod]

Package fortinet_fortimanager - 2.17.0 containing this change is available at https://epr.elastic.co/package/fortinet_fortimanager/2.17.0/

[elastic-vault-github-plugin-prod]

Package fortinet_fortiproxy - 1.3.0 containing this change is available at https://epr.elastic.co/package/fortinet_fortiproxy/1.3.0/

[elastic-vault-github-plugin-prod]

Package goflow2 - 0.6.0 containing this change is available at https://epr.elastic.co/package/goflow2/0.6.0/

[elastic-vault-github-plugin-prod]

Package hashicorp_vault - 1.29.0 containing this change is available at https://epr.elastic.co/package/hashicorp_vault/1.29.0/

[elastic-vault-github-plugin-prod]

Package hpe_aruba_cx - 0.2.0 containing this change is available at https://epr.elastic.co/package/hpe_aruba_cx/0.2.0/