[WithSecure Elements] Add missing fields and documentation improvements

[fspms]

Summary

This PR updates the WithSecure Elements integration to version 0.2.0 by adding missing fields from the API specifications and improving documentation.

Changes

Field Additions

• Security Events: Added 60+ missing fields from the API specifications covering all event types:
  • EDR/XDR events: readableIncidentId, mergedTo
  • File Scanning events: systemWide, readOnly, rebootRequiredToDelete, availableActions, recommendedAction, containerSize, containerMailbox, subItem, accessOperation, accessFlags, accessorHash, accessorPath
  • Application Control events: targetFileVersion, targetPrevalence, targetProductName, targetProductVersion, targetSignatureSignerName, targetVersionCompanyName, errorMessage
  • Server Share Protection/Rollback events: items, backupFolder, isQuarantineAllowed, processOperations, registryOperations
  • Web Traffic Scanning events: contentType, websiteUrl, computerName
  • Firewall events: ruleGroupName, layerName, ruleDirection, ipProtocol
  • DeepGuard events: rarity, exploit, commandLine
  • Device Control events: devicePath, deviceId, deviceName, initiator
  • Integrity Checker events: processId
  • Tamper Protection events: actionType, initiator_certificate_hash, initiator_signer_name, ipAddress, requestType
  • XFence events: operation, processHash, processPath, processTeamId
  • Collaboration Protection (ECP) events: serviceId, inboxRuleName, prevalenceScore, filename, and all ECP-specific fields
  • XM (Exposure Management) events: recommendationDetails, recommendationId, recommendationName, recommendationStatus, remediationEffort, remediationEffortString, remediationImpact, topAssets, totalAssets, topFindings, totalFindings
  • AMSI events: appName, contentName
  • Connector events: daysFromLastUpdate
• Root level fields: Added server_timestamp and xmRecommendationKey
• Device fields: Added winsAddress, winsName, clientType
• Incidents: Added description field

Configuration Updates

• Added ECP (Collaboration Protection) and XM (Exposure Management) to default engine groups configuration
• All four engine groups (EPP, EDR, ECP, XM) are now enabled by default

Documentation Improvements

• Updated README with comprehensive field listing (removed generic ECS fields, kept only WithSecure-specific fields)
• Added detailed setup instructions with screenshots for API client creation
• Improved field descriptions with event type context

Version Update

• Updated package version from 0.1.0 to 0.2.0
• Updated changelog with all changes following Elastic conventions

[elasticmachine]

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

[chemamartinez]

Add this link field to the other changes items.

[chemamartinez]

Suggested change

	type: documentation
	type: enhancement

Documentation is not a valid type.

[chemamartinez]

Documentation changes need to be added in _dev/build/docs/README.md, so this file docs/README.md is autogenerated when building the package with elastic-package build.

[chemamartinez]

We don't add these kind of screenshots into the package generally. The expected content of this img folder is dashboard screenshots.

Please remove all these screenshots, add them into the pull request description instead.

[chemamartinez]

It would be great to add some test cases where we can see how events with these new fields are processed and stored.