Fixes the ML jobs query for the LotL Attack Detection Package

[ajosh0504]

What does this PR do?

While testing changes made in this PR in the snapshot environment, we found that the ML jobs module for the LotL Attack Detection package does not show up if no malicious events were seen by the ingest pipeline. This is not expected behavior. This PR fixes that.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

How to test this PR locally

• Build the latest ProblemChild package from this branch
• Stand up a cluster using elastic-package
• Add the LotL Attack Detection integration
• Create a test index with the default index pipeline as the ProblemChild ingest pipeline and mappings for the problemchild prediction and blocklist fields
• Ingest a dummy Windows process event document in the test index which is known to produce a prediction of 0 from the ProblemChild supervised model
• Create a data view for the test index
• Select the test index at the Create Job stage in the Anomaly Detection UI
• Ensure that you see the ProblemChild module appear
• Enable the jobs and make sure they start without errors

Screenshots

• Test index with no malicious events

• Ensuring that the ProblemChild ML job module shows up for the data view corresponding to the test index

• Ensuring that all the jobs were enabled successfully

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-08-15T20:10:46.295+0000

• Duration: 15 min 16 sec

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[alvarezmelissa87]

Code LGTM ⚡