okta: make extra efforts to extract risk information from debug_data

[efd6]

What does this PR do?

The format used by Okta in the debug data fields are not generally parsable with a kv processor, but the risk level and reason fields in are of enough value to make some extra effort to recover if the kv processor failed. In this case also retain the original object in case there were other fields in the object.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

• [ ]

How to test this PR locally

Related issues

• Fixes [Okta] Integration can create error field [okta.debug_context.debug_data.flattened.risk] does not contain value_split [=] #4783

Screenshots

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-12-14T09:43:38.351+0000

• Duration: 14 min 29 sec

Test stats 🧪

Test	Results
Failed	0
Passed	7
Skipped	0
Total	7

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (1/1)	💚
Files	100.0% (1/1)	💚
Classes	100.0% (1/1)	💚
Methods	100.0% (18/18)	💚 14.286
Lines	86.689% (521/601)	👎 -12.116
Conditionals	100.0% (0/0)	💚

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[kcreddy]

Minor clarification and need to fix merge conflicts. LGTM 👍🏼

[elasticmachine]

Package okta - 1.12.1 containing this change is available at https://epr.elastic.co/search?package=okta