[Cisco ASA] Fix timezone handling

[bhapas]

Summary

Fix timezone parsing in Cisco ASA and FTD ingest pipelines to support timezone abbreviations beyond US-centric 3-letter codes (e.g. WEST, CEST, BST, GMT, IST).

The TZ grok pattern was previously defined as (?:[APMCE][SD]T|UTC), which only matched EST, EDT, PST, PDT, MST, MDT, CST, CDT, AST, ADT, and UTC. Timezone abbreviations like WEST (Western European Summer Time) were silently dropped, causing timestamps to fall back to UTC and resulting in a 1-hour offset.

Changes:

• Widened the TZ grok pattern to [a-zA-Z]{1,7}([+-]\d{1,2}(:\d{2})?)? — matches 1–7 letter abbreviations with an optional numeric offset suffix (e.g. UTC+1, CET+02:00)

Test plan

• Verify existing test-asa-tz-mapping.log pipeline test still passes (EDT → America/New_York, PST → -08:00)
• Test with a log containing WEST timezone — confirm @timestamp reflects +01:00 offset instead of UTC

[elasticmachine]

💔 Build Failed

• Buildkite Build
• Commit: 2a061f8

Failed CI Steps

• Check integrations cisco_asa

History

• 💔 Build #43423 failed 3929add

cc @bhapas

[infra-vault-gh-plugin-prod]

Pinging @elastic/integration-experience (Team:Integration-Experience)