[cisco_aironet] Add support for logs with dual sequence numbers and timezone abbreviations

[kgeller]

Proposed commit message

Adds Grok pattern support for Cisco logs that include dual sequence numbers, explicit hostname fields, and timezone abbreviations, which were previously failing to parse.

Changes:

• New Grok pattern (default.yml line 20): Added pattern to match <priority>sequence: hostname: sequence: date: message format
• Updated AIRONET_DATE pattern (line 27):
  • Now captures timezone abbreviations using %{WORD:_temp_.raw_date_timezone} instead of %{TZ} for broader compatibility with non-standard abbreviations like SGT
  • Uses flexible whitespace matching (\\s+) for more robust date parsing
• Test configuration: Added tz_offset: Asia/Singapore to test config to properly handle timezone abbreviations during date parsing
• Test samples: Added two sanitized log samples demonstrating the new format

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices

[elastic-vault-github-plugin-prod]

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

[elasticmachine]

Pinging @elastic/integration-experience (Team:Integration-Experience)

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: f9b585c

History

• 💚 Build #37555 succeeded a8c30fc
• 💔 Build #37553 failed 62d6918

cc @kgeller