[checkpoint] Fix checkpoint.source_object mapping

[andrewkroh]

What does this PR do?

According to https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk144192, Check Point module field checkpoint.source_object should be mapped as a string type instead of integer.

Syncs change from: elastic/beats@a5e6e5b

Relates: elastic/beats#25124

Other changes:

• use ECS log.file.path
• add event.original mapping
• sort fields.yml

This was observed while preparing elastic/beats#31076.

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.

Related issues

• Relates: [Check Point] Field checkpoint.source_object mapped incorrectly as long beats#25124

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-03-31T14:23:15.182+0000

• Duration: 15 min 30 sec

Test stats 🧪

Test	Results
Failed	0
Passed	8
Skipped	0
Total	8

🤖 GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

[efd6]

Out of curiosity, what did you use to do the sorting?

[andrewkroh]

I had sorted the fields.yml so I could compare it to the one in beats using yq -i -P 'sort_keys(..)' fields.yml (ref https://mikefarah.gitbook.io/yq/operators/sort-keys). But that's not what I wanted to commit because the order isn't all that friendly to humans. What I wanted to commit was sorting the checkpoint.* fields by their name (e.g. yq '.[0].fields | sort_by(.name)'). That's what is there now.