[microsoft_intune][managed_device] Add microsoft_intune managed_device datastream

[janvi-elastic]

Proposed commit message

The initial release includes managed_device data stream, associated dashboards 
and visualizations.

Microsoft Intune fields are mapped to their corresponding ECS fields where possible.

Test samples were derived from documentation and live data samples, 
which were subsequently sanitized.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

• Clone integrations repo.
• Install elastic package locally.
• Start elastic stack using elastic-package.
• Move to integrations/packages/microsoft_intune directory.
• Run the following command to run tests.

elastic-package test

Run asset tests for the package
--- Test results for package: microsoft_intune - START ---
╭──────────────────┬────────────────┬───────────┬───────────────────────────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE          │ DATA STREAM    │ TEST TYPE │ TEST NAME                                                                 │ RESULT │ TIME ELAPSED │
├──────────────────┼────────────────┼───────────┼───────────────────────────────────────────────────────────────────────────┼────────┼──────────────┤
│ microsoft_intune │                │ asset     │ dashboard microsoft_intune-adaf931d-1be6-4394-a046-35e1d1010f9e is loaded │ PASS   │       2.03µs │
│ microsoft_intune │                │ asset     │ search microsoft_intune-5c69302a-2d0c-45c0-b4b5-2fe864383b99 is loaded    │ PASS   │        626ns │
│ microsoft_intune │                │ asset     │ search microsoft_intune-75100327-86d0-44e5-adfb-52ad2c59dec7 is loaded    │ PASS   │        616ns │
│ microsoft_intune │                │ asset     │ search microsoft_intune-c91d6412-560c-49a5-80c8-eca25bc242dc is loaded    │ PASS   │        640ns │
│ microsoft_intune │ managed_device │ asset     │ index_template logs-microsoft_intune.managed_device is loaded             │ PASS   │        500ns │
│ microsoft_intune │ managed_device │ asset     │ ingest_pipeline logs-microsoft_intune.managed_device-0.1.0 is loaded      │ PASS   │        564ns │
╰──────────────────┴────────────────┴───────────┴───────────────────────────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: microsoft_intune - END   ---
Done
Run pipeline tests for the package
--- Test results for package: microsoft_intune - START ---
╭──────────────────┬────────────────┬───────────┬────────────────────────────────────────────────────┬────────┬──────────────╮
│ PACKAGE          │ DATA STREAM    │ TEST TYPE │ TEST NAME                                          │ RESULT │ TIME ELAPSED │
├──────────────────┼────────────────┼───────────┼────────────────────────────────────────────────────┼────────┼──────────────┤
│ microsoft_intune │ managed_device │ pipeline  │ (ingest pipeline warnings test-managed-device.log) │ PASS   │ 374.578263ms │
│ microsoft_intune │ managed_device │ pipeline  │ test-managed-device.log                            │ PASS   │ 198.349246ms │
╰──────────────────┴────────────────┴───────────┴────────────────────────────────────────────────────┴────────┴──────────────╯
--- Test results for package: microsoft_intune - END   ---
Done
Run policy tests for the package
--- Test results for package: microsoft_intune - START ---
No test results
--- Test results for package: microsoft_intune - END   ---
Done
Run script tests for the package
--- Test results for package: microsoft_intune - START ---
PKG microsoft_intune
[no test files]
--- Test results for package: microsoft_intune - END ---
Done
Run static tests for the package
--- Test results for package: microsoft_intune - START ---
No test results
--- Test results for package: microsoft_intune - END   ---
Done
Run system tests for the package
--- Test results for package: microsoft_intune - START ---
No test results
--- Test results for package: microsoft_intune - END   ---
Done

Screenshot

Implementation Details

Docs Referred

https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/review-logs-using-azure-monitor

[github-actions]

Vale Linting Results

Summary: 2 warnings found

⚠️ Warnings (2)

File	Line	Rule	Message
packages/microsoft_intune/_dev/build/docs/README.md	23	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'versus' instead of 'vs'.
packages/microsoft_intune/docs/README.md	23	Elastic.Latinisms	Latin terms and abbreviations are a common source of confusion. Use 'versus' instead of 'vs'.

---

The Vale linter checks documentation changes against the Elastic Docs style guide.

To use Vale locally or report issues, refer to Elastic style guide for Vale.

[efd6]

This is not being merged into main, so the version will still be 0.1.1, just adding a changes list element.

[efd6]

Suggested change

	version: 0.2.0
	version: 0.1.0

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 8edc1ed

[efd6]

Thanks

[elastic-vault-github-plugin-prod]

Package microsoft_intune - 0.1.0 containing this change is available at https://epr.elastic.co/package/microsoft_intune/0.1.0/