Add GC log level for Elasticsearch

[danielmitterdorfer]

Elasticsearch 8.7.0 will change the JVM log output format to include a level parameter (see elastic/elasticsearch#92382); the available log levels are described in the java man page. As there is an existing ingest pipeline to ingest GC logs, it needs to be adapted as well (only the JVM9HEADER will need to change).

Here are some example log lines:

Before this change:

[2022-12-15T06:19:16.936+0000][15181][gc,start    ] GC(0) Pause Young (Normal) (G1 Evacuation Pause)

After this change:

[2022-12-15T06:22:27.932+0000][16320][info][gc,start    ] GC(0) Pause Young (Normal) (G1 Evacuation Pause)
[2022-12-15T06:22:27.932+0000][16320][debug][gc,age      ] GC(0) Desired survivor size 14680064 bytes, new threshold 15 (max threshold 15)
[2022-12-15T06:22:27.935+0000][16320][info ][gc,phases   ] GC(0)   Pre Evacuate Collection Set: 0.1ms
[2022-12-15T06:22:27.935+0000][16320][trace][gc,age      ] GC(0) Age table with threshold 15 (max threshold 15)

Notice how the log level might have trailing spaces (third line in the example).

I'm not familiar enough with grok but I believe the grok pattern would need to change to something like:

 JVM9HEADER: \[%{TIMESTAMP_ISO8601:timestamp}\]\[%{DATA:elasticsearch.gc.level}%{SPACE}\]\[%{POSINT:process.pid}\]\[%{DATA:elasticsearch.gc.tags}%{SPACE}\]

where elasticsearch.gc.level needs to be optional to support also pre 8.7.0 clusters. It should also end up in log.level when present.

[botelastic]

This issue doesn't have a Team:<team> label.