Make Syslog parser/processor handle errors more gracefully #31246

Closed
taylor-swanson opened this issue Apr 11, 2022 · 1 comment · Fixed by #31798
Comments

@taylor-swanson
Contributor

The new Syslog parser and processor added in 8.2 are too strict and end up throwing away any parsed data if an error occurs. The original assumption was that if an error occurred, it meant that the message was unusable. While this may be true if the error was an early EOF (message was truncated), a lot of other errors tend to occur due to subtle variations in adherence to RFCs. There is still a lot of value in providing the data parsed, even if it's incomplete.

The behavior should be changed so that if an error is encountered, parsing continues as best it can and whatever data is extracted is still passed on to the user. This will require some changes to the parsing logic in the Ragel files to ensure that best effort parsing is being done, rather than exiting early if an error is encountered. The decode_cef processor from x-pack/filebeat uses a similar mechanism and could be used as a guide for this change.
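The contrast the issue describes, as an added illustration that is not Beats code and not the Ragel-generated parser: a small hand-written parser for the BSD-style `<PRI>Mmm dd hh:mm:ss HOSTNAME CONTENT` header that accumulates errors and always hands back the fields it did extract, next to a `parseStrict` wrapper that models the 8.2 behaviour of discarding everything on the first error. The `Message` type, the error strings and the sample lines are constructed for this example.

```go
package main

import (
	"fmt"
	"strconv"
	"strings"
	"time"
)

// Message holds the fields this example extracts from a BSD-style syslog line.
// Fields that could not be parsed keep a sentinel value (-1 for the numeric ones).
type Message struct {
	Priority  int
	Facility  int
	Severity  int
	Timestamp time.Time
	Hostname  string
	Content   string // everything after the last header field that parsed
}

// parseErrors accumulates every problem found instead of stopping at the first one.
type parseErrors []string

func (e parseErrors) Err() error {
	if len(e) == 0 {
		return nil
	}
	return fmt.Errorf("syslog: %s", strings.Join(e, "; "))
}

// parseBestEffort parses "<PRI>Mmm dd hh:mm:ss HOSTNAME CONTENT" and always
// returns whatever it extracted, alongside an error describing what was off.
func parseBestEffort(line string) (Message, error) {
	var errs parseErrors
	msg := Message{Priority: -1, Facility: -1, Severity: -1}
	rest := line

	// PRI: "<" followed by one to three digits and ">". A bad value is
	// reported and skipped; parsing carries on with the remainder.
	if !strings.HasPrefix(rest, "<") {
		errs = append(errs, "missing PRI")
	} else if end := strings.IndexByte(rest, '>'); end < 2 || end > 4 {
		errs = append(errs, "malformed PRI")
	} else {
		if pri, err := strconv.Atoi(rest[1:end]); err == nil && pri >= 0 && pri <= 191 {
			msg.Priority, msg.Facility, msg.Severity = pri, pri/8, pri%8
		} else {
			errs = append(errs, "invalid PRI value "+strconv.Quote(rest[1:end]))
		}
		rest = rest[end+1:]
	}

	// TIMESTAMP: the fixed 15-byte "Mmm dd hh:mm:ss" form. Anything else
	// (an RFC 3339 stamp, a missing field) ends header parsing, but the
	// remainder is still handed back as Content instead of being dropped.
	tsOK := false
	if len(rest) >= 16 && rest[15] == ' ' {
		if ts, err := time.Parse("Jan _2 15:04:05", rest[:15]); err == nil {
			msg.Timestamp, tsOK = ts, true
			rest = rest[16:]
		}
	}
	if !tsOK {
		errs = append(errs, "unrecognised timestamp")
		msg.Content = rest
		return msg, errs.Err()
	}

	// HOSTNAME: the next space-delimited token.
	if sp := strings.IndexByte(rest, ' '); sp > 0 {
		msg.Hostname, rest = rest[:sp], rest[sp+1:]
	} else {
		errs = append(errs, "missing hostname")
	}
	msg.Content = rest
	return msg, errs.Err()
}

// parseStrict models the 8.2 behaviour the issue describes: any error at all
// discards the fields that had already been extracted.
func parseStrict(line string) (Message, error) {
	msg, err := parseBestEffort(line)
	if err != nil {
		return Message{}, err
	}
	return msg, nil
}

func main() {
	// Constructed sample lines: one conformant, two with common deviations.
	samples := []string{
		"<34>Apr 11 12:34:56 host01 sshd[1234]: Accepted publickey for alice",
		"<34>2022-04-11T12:34:56Z host01 sshd[1234]: Accepted publickey for alice",
		"Apr 11 12:34:56 host01 kernel: link up",
	}
	for _, s := range samples {
		strict, serr := parseStrict(s)
		lenient, lerr := parseBestEffort(s)
		fmt.Printf("strict:  %+v (err: %v)\nlenient: %+v (err: %v)\n\n", strict, serr, lenient, lerr)
	}
}
```

The second sample is the case the issue is about: the PRI is fine and the payload is intact, only the timestamp deviates from the expected form. The strict path returns an empty `Message`, while the best-effort path keeps the priority and the untouched remainder so a downstream processor still has the data and an error field explaining what was not parsed.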

@elasticmachine
Collaborator

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)
