Add support into the httpjson input to collect values of maps in different events

[jsoriano]

Describe the enhancement:

httpjson input currently supports collecting a different event for each object contained in a JSON array. There are two options for that: json_objects_array, that collects the objects in an array directly as separate documents, and split_events_by, that does something similar, but adding the fields of the parent JSON object.

There are cases where multiple events are sent in a hash instead of a list. Something like this:

{
  "events": {
    "someid01": {
      "time": "2020-09-29 11:54:27",
      "action": "log in"
    },
    "someid02": {
      "time": "2020-09-29 12:43:27",
      "action": "create user"
    }
  }
}

There could be something like a json_objects_map, so with the following configuration it is able to collect events from a response like the previous one:

- type: httpjson
  json_objects_map:
    map: events
    key_field: id

Previous configuration, would collect something like these two events for the previous example:

{
  "id": "someid01",
  "time": "2020-09-29 11:54:27",
  "action": "log in"
}

{
  "id": "someid02",
  "time": "2020-09-29 12:43:27",
  "action": "create user"
}

Describe a specific use case for the enhancement or feature:

• Seen something like this in discuss: https://discuss.elastic.co/t/filebeat-7-9-1-parsing-http-json-data/250314/4

[elasticmachine]

Pinging @elastic/siem (Team:SIEM)

[jsoriano]

Thanks @marc-gr! #22320 looks great!