modsecurity: make pipeline selection more robust when nginx is configured with server_tokens off

[efd6]

What does this PR do?

The transaction.response.headers.Server field may be absent when server_tokens is set to off, so also consider the transaction.producer.connector field when determining pipeline to run. Also protect dereferences.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Author's Checklist

• Ideally we would have a test for the case that is raised in the issue. I have asked for one from the reporter.

How to test this PR locally

Related issues

• Fixes [modsecurity] Pipeline error in case of nginx server_tokens off #7286

Screenshots

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2023-08-24T00:55:12.152+0000

• Duration: 16 min 6 sec

Test stats 🧪

Test	Results
Failed	0
Passed	7
Skipped	0
Total	7

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (1/1)	💚
Files	100.0% (3/3)	💚 3.35
Classes	100.0% (3/3)	💚 3.35
Methods	100.0% (30/30)	💚 8.137
Lines	91.832% (371/404)	👍 3.513
Conditionals	100.0% (0/0)	💚

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[bhapas]

LGTM. But would be nice to add the specific test scenario from the issue mentioned

[bhapas]

LGTM

[elasticmachine]

Package modsecurity - 1.11.1 containing this change is available at https://epr.elastic.co/search?package=modsecurity