[7.17](backport #34295) Validate Source IP "LOCAL" or "Unknown" in Windows Security Logs

[mergify]

This is an automatic backport of pull request #34295 done by Mergify.
Cherry-pick of 4a1e56f has failed:

On branch mergify/bp/7.17/pr-34295
Your branch is up to date with 'origin/7.17'.

You are currently cherry-picking commit 4a1e56f295.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   CHANGELOG.next.asciidoc

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	deleted by us:   x-pack/winlogbeat/module/security/ingest/security.yml
	added by them:   x-pack/winlogbeat/module/security/test/testdata/4778.evtx.golden.json
	added by them:   x-pack/winlogbeat/module/security/test/testdata/4778.golden.json
	added by them:   x-pack/winlogbeat/module/security/test/testdata/4779.evtx.golden.json
	added by them:   x-pack/winlogbeat/module/security/test/testdata/4779.golden.json

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/github/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

---

Mergify commands and options

More conditions and actions can be found in the documentation.

You can also trigger Mergify actions by commenting on this pull request:

• @Mergifyio refresh will re-evaluate the rules
• @Mergifyio rebase will rebase this PR on its base branch
• @Mergifyio update will merge the base branch into this PR
• @Mergifyio backport <destination> will backport this PR on <destination> branch

Additionally, on Mergify dashboard you can:

• look at your merge queues
• generate the Mergify configuration with the config editor.

Finally, you can contact us on https://mergify.com

[botelastic]

This pull request doesn't have a Team:<team> label.

[efd6]

Does not apply due to changes in processing model between 7.x and 8.x.

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2023-01-19T02:01:39.145+0000

• Duration: 34 min 16 sec

Test stats 🧪

Test	Results
Failed	0
Passed	223
Skipped	0
Total	223

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

• /package : Generate the packages and run the E2E tests.

• /beats-tester : Run the installation tests with beats-tester.

• run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)