
Upgrade Winlogbeat to v8.x #69

Merged
merged 3 commits into from
Apr 19, 2023

Conversation

caffeinatedpixel
Collaborator

@caffeinatedpixel caffeinatedpixel commented Apr 10, 2023

Closes #67
Somewhat depends on activecm/BeaKer#75

Agent Changes:

  • Changes the install directory from C:\Program Files\winlogbeat-* to C:\Program Files\Winlogbeat-Espy in order to be able to install newer versions of winlogbeat and more easily detect the currently installed version
  • Adds a parameter, BeatsVersion, that allows the desired version of winlogbeat to be installed to be overridden
  • Updates the winlogbeat.yml config as needed for 7.17 and 8.x
    • When upgrading to v8.x, the - script entry within processors that refers to winlogbeat-sysmon.js is removed because it will cause winlogbeat to not run if it still exists

Server Changes:

  • Changes data parsed as integers to json.Number, as newer versions of Winlogbeat use strings to represent numbers. This data type makes it easy to parse both integers and strings using the same struct field and not requiring a custom unmarshaller
  • Creates a new data type for Winlogbeat v8.x logs, as the sysmon processor for v8.x no longer exists on the agent system and is handled exclusively by Elasticsearch. Since espy does not require the use of Elasticsearch, the data is manually parsed by hand and converted to the standard ECSRecord type.
  • Sends the ECS data to Elasticsearch using different URLs depending on the version of Winlogbeat the log came from
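
The json.Number approach described in the Server Changes above, as an added illustration written for this page (not Espy's own code): the `WinlogRecord` struct, its field names and the three sample payloads are constructed assumptions, not real Winlogbeat output or Espy's `ECSRecord`. It shows one struct decoding a 7.x-style payload (bare integers) and an 8.x-style payload (the same values as strings) to identical int64 results, and a non-numeric string being rejected instead of silently becoming 0.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// WinlogRecord is a hypothetical, trimmed-down record used for this example;
// it is not Espy's ECSRecord. Fields that Winlogbeat 7.x emits as JSON integers
// and 8.x emits as JSON strings are declared as json.Number, so one struct
// decodes both shapes without a custom UnmarshalJSON method.
type WinlogRecord struct {
	EventID    json.Number `json:"event_id"`
	ProcessID  json.Number `json:"process_id"`
	SourcePort json.Number `json:"source_port"`
}

// Constructed sample payloads (assumptions for this example, not real Winlogbeat output).
const (
	// 7.x style: bare JSON integers.
	sampleV7 = `{"event_id": 3, "process_id": 4712, "source_port": 49812}`
	// 8.x style: the same values as JSON strings.
	sampleV8 = `{"event_id": "3", "process_id": "4712", "source_port": "49812"}`
	// Malformed: a string that is not a number must be rejected, not zeroed.
	sampleBad = `{"event_id": "3", "process_id": "abc", "source_port": "49812"}`
)

// decodeNumbers unmarshals raw into WinlogRecord and converts each json.Number
// to int64. json.Unmarshal stores either a JSON number or a JSON string into a
// json.Number (a string that is not a valid number literal is rejected), and
// Number.Int64 then parses the stored text, so both sample shapes converge on
// the same integers.
func decodeNumbers(raw string) (eventID, pid, port int64, err error) {
	var r WinlogRecord
	if err = json.Unmarshal([]byte(raw), &r); err != nil {
		return 0, 0, 0, fmt.Errorf("decode record: %w", err)
	}
	if eventID, err = numberToInt64("event_id", r.EventID); err != nil {
		return 0, 0, 0, err
	}
	if pid, err = numberToInt64("process_id", r.ProcessID); err != nil {
		return 0, 0, 0, err
	}
	if port, err = numberToInt64("source_port", r.SourcePort); err != nil {
		return 0, 0, 0, err
	}
	return eventID, pid, port, nil
}

// numberToInt64 converts a json.Number, treating an absent field (empty Number)
// as an error rather than silently returning 0.
func numberToInt64(field string, n json.Number) (int64, error) {
	if n == "" {
		return 0, fmt.Errorf("field %q missing or empty", field)
	}
	v, err := n.Int64()
	if err != nil {
		return 0, fmt.Errorf("field %q: %w", field, err)
	}
	return v, nil
}

func main() {
	for _, raw := range []string{sampleV7, sampleV8, sampleBad} {
		e, p, s, err := decodeNumbers(raw)
		if err != nil {
			fmt.Printf("%s -> error: %v\n", raw, err)
			continue
		}
		fmt.Printf("%s -> event_id=%d pid=%d port=%d\n", raw, e, p, s)
	}
}
```

Because json.Number keeps the original text, a field that arrives as a float or as a value outside int64 range still fails loudly in `Int64()` rather than being truncated, and `n.String()` remains available for logging the raw value when a conversion is rejected.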

@caffeinatedpixel caffeinatedpixel marked this pull request as ready for review April 18, 2023 14:09
Contributor

@Zalgo2462 Zalgo2462 left a comment


I noticed the same bug in the agent installer from activecm/BeaKer#75 where we need to pass through the BeatsVersion. Other than that, all of the code looks good to me.

I plan on testing the following agents with the new version of the Espy server code:
- 7.5 (from a previous install)
- 7.17
- 8.7


Start-Process -FilePath powershell -Verb runAs -ArgumentList $arguments
Break
Start-Process -FilePath powershell -Verb runAs -ArgumentList $arguments
Contributor


We need to add BeatsVersion to the argument list here.

@Zalgo2462
Contributor

I started by installing winlogbeat 7.5, the current version of espy, and the current version of beaker. (7.5 agent -> current espy -> 7.5 es).

Then, I upgraded the Espy server to the version here in this PR. This update worked well and continued to send data from the agent to elastic. (7.5 agent -> espy pr -> 7.5 es).

I upgraded beaker to ES 7.17 using the PR at activecm/BeaKer#75 next. Data continued to flow correctly. (7.5 agent -> espy pr -> 7.17 es).

Afterwards, I upgraded the winlogbeat agent to 7.17 using the new agent installer in this PR. Everything went well. I double checked that both the zeek logs and elastic were being updated. (7.17 agent -> espy pr -> 7.17 es).

Next, I upgraded beaker to ES 8.7. Things continued to work well. (7.17 agent -> espy pr -> 8.7 es).

Finally, I upgraded the winlogbeat agent to 8.7 using the installer in this PR, and everything continued to work correctly. (8.7 agent -> espy pr -> 8.7 es).

Once we fix the BeatsVersion bug above, this PR should be good to go. 👍

Contributor

@Zalgo2462 Zalgo2462 left a comment


LGTM. Great work!


Successfully merging this pull request may close these issues.

Upgrade Winlogbeat Shipped with Espy