Jamf Pro: add support for ECS entity fields

[chemamartinez]

Proposed commit message

Adds ECS entity field support to the Jamf Pro integration for both
the inventory and events data streams.

Maps managed status, OS version, last activity timestamp, group
memberships, and local admin accounts to host.entity.* and
user.entity.* fields:

- host.entity.attributes.managed from general.remote_management.managed
- host.os.* (name, version, full, platform) moved from standalone
  os.* to the host.os.* namespace in both pipelines
- host.entity.lifecycle.last_activity from general.last_contact_time
  (inventory) and webhook.event_timestamp (events)
- user.group.id and user.group.name from group_memberships[*].
  It requires the GROUP_MEMBERSHIPS section to be enabled.
- user.entity.attributes.administered_by from local_user_accounts[*]
  where admin == true, collecting {user_id, username, email} per entry.
  It requires the LOCAL_USER_ACCOUNTS section to be enabled.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices

Related issues

• Closes Jamf Pro: add support for entity fields #18293

[github-actions]

Vale Linting Results

Summary: 6 warnings found

⚠️ Warnings (6)

File	Line	Rule	Message
packages/jamf_pro/docs/README.md	204	Elastic.QuotesPunctuation	Place punctuation inside closing quotation marks.
packages/jamf_pro/docs/README.md	205	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.
packages/jamf_pro/docs/README.md	206	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.
packages/jamf_pro/docs/README.md	511	Elastic.QuotesPunctuation	Place punctuation inside closing quotation marks.
packages/jamf_pro/docs/README.md	512	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.
packages/jamf_pro/docs/README.md	513	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'for example' instead of 'e.g'.

---

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

[elastic-vault-github-plugin-prod]

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: cd3d839

History

• 💔 Build #41525 failed 6938ae5
• 💔 Build #41515 failed cb6b0fc

cc @chemamartinez