Filebeat tests: Restore @timestamp field validation (#29772)

This restores the `@timestamp` field in Filebeat's module tests, so that
it is properly validated.

Temporarily disable timestamp validation in ibmmq module

Author: adriansr

filebeat/module/apache/error/test/sublevel.log-expected.json

@@ -18,4 +18,4 @@
         "process.thread.id": 140413273032448,
         "service.type": "apache"
     }
-]
+]

filebeat/module/auditd/log/test/audit-cent7-node.log-expected.json

@@ -1,5 +1,6 @@
 [
     {
+        "@timestamp": "2020-07-06T16:38:34.588Z",
         "auditd.log.format": "raw",
         "auditd.log.kernel": "3.10.0-1062.9.1.el7.x86_64",
         "auditd.log.node": "localhost.localdomain",
@@ -32,6 +33,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.707Z",
         "auditd.log.audit_backlog_limit": "8192",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.old": "64",
@@ -61,6 +63,7 @@
         "user.audit.id": "4294967295"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.707Z",
         "auditd.log.audit_failure": "1",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.old": "1",
@@ -90,6 +93,7 @@
         "user.audit.id": "4294967295"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.709Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 6,
@@ -121,6 +125,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.725Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SYSTEM_BOOT",
         "auditd.log.sequence": 7,
@@ -147,6 +152,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.739Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 8,
@@ -178,6 +184,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.807Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 9,
@@ -209,6 +216,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.843Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 10,
@@ -240,6 +248,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.850Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 11,
@@ -271,6 +280,7 @@
         "user.id": "0"
     },
     {
+        "@timestamp": "2020-07-06T16:38:34.857Z",
         "auditd.log.node": "localhost.localdomain",
         "auditd.log.record_type": "SERVICE_START",
         "auditd.log.sequence": 12,

filebeat/module/auditd/log/test/audit-rhel6.log-expected.json

@@ -1,5 +1,6 @@
 [
     {
+        "@timestamp": "2017-03-14T19:20:30.178Z",
         "auditd.log.op": "PAM:session_close",
         "auditd.log.record_type": "USER_END",
         "auditd.log.sequence": 19600327,
@@ -31,6 +32,7 @@
         "user.name": "root"
     },
     {
+        "@timestamp": "2017-03-14T19:20:30.178Z",
         "auditd.log.op": "PAM:setcred",
         "auditd.log.record_type": "CRED_DISP",
         "auditd.log.sequence": 19600328,
@@ -62,6 +64,7 @@
         "user.name": "root"
     },
     {
+        "@timestamp": "2017-03-14T19:20:56.192Z",
         "auditd.log.record_type": "USER_CMD",
         "auditd.log.sequence": 19600329,
         "auditd.log.ses": "11988",
@@ -95,6 +98,7 @@
         "user.id": "497"
     },
     {
+        "@timestamp": "2017-03-14T19:20:56.193Z",
         "auditd.log.op": "PAM:setcred",
         "auditd.log.record_type": "CRED_ACQ",
         "auditd.log.sequence": 19600330,
@@ -126,6 +130,7 @@
         "user.name": "root"
     },
     {
+        "@timestamp": "2017-03-14T19:20:56.193Z",
         "auditd.log.op": "PAM:session_open",
         "auditd.log.record_type": "USER_START",
         "auditd.log.sequence": 19600331,
@@ -157,6 +162,7 @@
         "user.name": "root"
     },
     {
+        "@timestamp": "2017-03-14T19:23:02.529Z",
         "auditd.log.dst_prefixlen": 22,
         "auditd.log.op": "SPD-add",
         "auditd.log.sequence": 19600354,
@@ -178,6 +184,7 @@
         "user.audit.id": "4294967295"
     },
     {
+        "@timestamp": "2017-03-14T19:23:02.529Z",
         "auditd.log.a0": "9",
         "auditd.log.a1": "7f564ee6d2a0",
         "auditd.log.a2": "b8",
@@ -221,6 +228,7 @@
         "user.saved.id": "0"
     },
     {
+        "@timestamp": "2017-03-16T04:02:40.072Z",
         "auditd.log.new_auid": "700",
         "auditd.log.new_ses": "12286",
         "auditd.log.old_auid": "700",
@@ -250,6 +258,7 @@
         "user.id": "700"
     },
     {
+        "@timestamp": "2017-03-16T04:02:40.070Z",
         "auditd.log.direction": "both",
         "auditd.log.kind": "session",
         "auditd.log.laddr": "107.170.139.210",
@@ -296,6 +305,7 @@
         "user.saved.id": "74"
     },
     {
+        "@timestamp": "2017-03-16T04:02:40.072Z",
         "auditd.log.op": "success",
         "auditd.log.record_type": "USER_AUTH",
         "auditd.log.sequence": 19623789,
@@ -339,6 +349,7 @@
         "user.terminal": "ssh"
     },
     {
+        "@timestamp": "2017-03-16T04:02:57.804Z",
         "auditd.log.op": "PAM:authentication",
         "auditd.log.record_type": "USER_AUTH",
         "auditd.log.sequence": 19623807,
@@ -371,6 +382,7 @@
         "user.terminal": "pts/0"
     },
     {
+        "@timestamp": "2017-03-16T04:02:57.805Z",
         "auditd.log.op": "PAM:accounting",
         "auditd.log.record_type": "USER_ACCT",
         "auditd.log.sequence": 19623808,