[DOCS] Add new EQL search configuration options

## Description 

When creating a new event correlation detection rule, there are three new configuration options for EQL queries (per https://github.com/elastic/kibana/pull/132247):
- Event category field - Allows user to modify the categorization field to classify different types of events
- Tiebreaker field - Used to sort hits with the same timestamp in ascending order
- Timestamp field - Controls how documents are sorted within the result set

## Checklist
- [x] Update procedure to include new options: https://www.elastic.co/guide/en/security/master/rules-ui-create.html#create-eql-rule
   - [x] Links to Elasticsearch/EQL docs on [timestamp and event category field](https://www.elastic.co/guide/en/elasticsearch/reference/current/eql.html#specify-a-timestamp-or-event-category-field) and [tiebreaker field](https://www.elastic.co/guide/en/elasticsearch/reference/master/eql.html#eql-search-specify-a-sort-tiebreaker) 
- [x] Update screenshot to include new icon: https://www.elastic.co/guide/en/security/master/images/eql-rule-query-example.png
- [x] Update API topics, including new settings as optional fields:
   - [x] https://www.elastic.co/guide/en/security/master/rules-api-create.html
   - [x] https://www.elastic.co/guide/en/security/current/rules-api-update.html

## Screenshot
![Screenshot 2022-05-16 at 15 40 12](https://user-images.githubusercontent.com/2700761/168611737-48cbf9cf-1936-4346-9873-fcd938bd70fa.png)


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[DOCS] Add new EQL search configuration options #2018

Description

Checklist

Screenshot

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[DOCS] Add new EQL search configuration options #2018

Description

Description

Checklist

Screenshot

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions