crowdstrike: improve windows events mappings

Author: navnit-elastic

packages/crowdstrike/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "2.3.0"
+  changes:
+    - description: Enhance the field mappings for Windows events in the FDR data stream.
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/15342
 - version: "2.2.1"
   changes:
     - description: Fix processing of `crowdstrike.User.Name` field.

packages/crowdstrike/data_stream/fdr/_dev/test/pipeline/test-data.log-expected.json

@@ -278,6 +278,7 @@
             },
             "host": {
                 "hostname": "example-XXXXXXXXX",
+                "id": "11111111111111111111111111111111",
                 "name": "example-XXXXXXXXX",
                 "os": {
                     "type": "macos"

packages/crowdstrike/data_stream/fdr/_dev/test/pipeline/test-fdr-lengthy-field-delete.log-expected.json

@@ -58,6 +58,7 @@
             },
             "host": {
                 "hostname": "example-XXXXXXXXX",
+                "id": "1111",
                 "name": "example-XXXXXXXXX",
                 "os": {
                     "type": "macos"

packages/crowdstrike/data_stream/fdr/_dev/test/pipeline/test-fdr-lengthy-field-index.log-expected.json

@@ -59,6 +59,7 @@
             },
             "host": {
                 "hostname": "example-XXXXXXXXX",
+                "id": "1111",
                 "name": "example-XXXXXXXXX",
                 "os": {
                     "type": "macos"