Add backend configuration key to fim integration (#8807)

* Added `force_backend` configuration key to fim integration

* Update packages/fim/manifest.yml

Use a select type instead of text

Co-authored-by: Dan Kortschak <[email protected]>

* Updated changelog and manifest

* feat(fim): update to latest multi-BE fim spec

---------

Co-authored-by: Dan Kortschak <[email protected]>
Co-authored-by: Panos Koutsovasilis <[email protected]>

packages/fim/changelog.yml

@@ -1,4 +1,9 @@
 # newer versions go on top
+- version: "1.15.0"
+  changes:
+    - description: New event sourcing backends added
+      type: enhancement
+      link: https://github.com/elastic/integrations/pull/8807
 - version: "1.14.2"
   changes:
     - description: capture root requirement

packages/fim/data_stream/event/agent/stream/file_integrity.yml.hbs

@@ -5,6 +5,7 @@ paths:
 {{/each}}
 recursive: {{recursive}}
 scan_at_start: {{scan_at_start}}
+backend: {{backend}}
 hash_types:
 {{#each hash_types as |hash i|}}
   - {{hash}}

packages/fim/manifest.yml

@@ -1,7 +1,7 @@
 format_version: "3.0.0"
 name: fim
 title: "File Integrity Monitoring"
-version: "1.14.2"
+version: "1.15.0"
 description: "The File Integrity Monitoring integration reports filesystem changes in real time."
 type: integration
 categories:
@@ -72,6 +72,22 @@ vars:
     required: false
     default:
       - sha1
+  - name: backend
+    type: select
+    title: File Event Source
+    description: |
+      Forces a particular event source for file events on Linux. `fsnotify` does not provide
+      user information.
+    options:
+     - text: ebpf
+       value: ebpf
+     - text: fsnotify
+       value: fsnotify
+     - text: kprobes
+       value: kprobes
+    show_user: true
+    required: false
+    default: fsnotify
   - name: max_file_size
     type: text
     title: File size limit