Add back custom.yml files to LotL, DGA packages

[jmcarlock]

Proposed commit message

Adds fields/custom.yml files back to the DGA and Living off the Land (ProblemChild) integration packages. These files are used for integration testing done upstream.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs. Not needed
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

• Test with elastic-package

How to test this PR locally

Build with elastic-package.

Related issues

• https://github.com/elastic/security-ml/issues/474

[susan-shu-c]

Thanks Gus! In this PR description, can you also link the PRs where the files were previously removed, for documentation purposes?

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: d9a9f34

History

• 💔 Build #14784 failed 3271ca8

cc @jmcarlock

[elastic-sonarqube]

Quality Gate failed

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube

[jmcarlock]

@susan-shu-c here's the original PR

• Improve DGA/LotL doc's Installation Procedures #10476

[jmcarlock]

• Low coverage on SonarQube is a known issue for these packages, e.g. from this previous PR.
• The yaml files in the fields directories are only used for integration package testing and not for actually providing mappings for these fields. This was not clear with the previous PR, thank you @shashank-elastic !

[jmcarlock]

Thank you @susan-shu-c @sodhikirti07 @qn895 for the quick review!

[elasticmachine]

Package dga - 2.0.4 containing this change is available at https://epr.elastic.co/search?package=dga

[elasticmachine]

Package problemchild - 2.1.5 containing this change is available at https://epr.elastic.co/search?package=problemchild