Add routing rules for WAF logs based on log format

[kaiyan-sheng]

What does this PR do?

This PR is to enhance routing rules for WAF logs based its log format instead of firehose stream name and cloudwatch log group name. This way when WAF logs are sent to S3 bucket -> lambda -> firehose, our awsfirehose integration will still be able to route it correctly.

This PR also removes all namespace in routing rules since we are using the default, no need to specify it. (will make this a separate change, this is causing error when running elastic-package test -v --report-format xUnit --report-output file --test-coverage command)

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2023-09-20T22:10:46.874+0000

• Duration: 15 min 39 sec

Test stats 🧪

Test	Results
Failed	0
Passed	9
Skipped	0
Total	9

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[elasticmachine]

🌐 Coverage report

Name	Metrics % (covered/total)	Diff
Packages	100.0% (1/1)	💚
Files	100.0% (1/1)	💚 8.333
Classes	100.0% (1/1)	💚 8.333
Methods	60.0% (3/5)	👎 -25.156
Lines	100.0% (79/79)	💚 8.45
Conditionals	100.0% (0/0)	💚

[elasticmachine]

Package awsfirehose - 0.2.1 containing this change is available at https://epr.elastic.co/search?package=awsfirehose