snyk: fix audit_logs event type filter being silently ignored

[kcreddy]

Proposed commit message

snyk: fix audit_logs event type filter being silently ignored

The CEL program reads state.events_filter (plural) but the state
template stores the configured event types under event_filter
(singular). The key mismatch means the filter is never applied and
all event types are collected regardless of user configuration.
The problem was introduced in elastic/integrations#10073.

Fix the CEL query parameter reference to use the correct key.

Fixes elastic/integrations#18653

Checklist

• I have reviewed tips for building integrations and this pull request is aligned with them.
• I have verified that all data streams collect metrics or logs.
• I have added an entry to my package's changelog.yml file.
• I have verified that Kibana version constraints are current according to guidelines.
• I have verified that any added dashboard complies with Kibana's Dashboard good practices

How to test this PR locally

Newly added system tests (with event option) passes:

--- Test results for package: snyk - START ---
╭─────────┬─────────────┬───────────┬──────────────┬────────┬───────────────╮
│ PACKAGE │ DATA STREAM │ TEST TYPE │ TEST NAME    │ RESULT │  TIME ELAPSED │
├─────────┼─────────────┼───────────┼──────────────┼────────┼───────────────┤
│ snyk    │ audit_logs  │ system    │ event-filter │ PASS   │ 46.624782375s │
╰─────────┴─────────────┴───────────┴──────────────┴────────┴───────────────╯
--- Test results for package: snyk - END   ---
Done

Related issues

• Closes [bug-hunter] Snyk audit_logs event filter is ignored due to state key mismatch #18653

[infra-vault-gh-plugin-prod]

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)

[elastic-vault-github-plugin-prod]

🚀 Benchmarks report

To see the full report comment with /test benchmark fullreport

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 83a1fdf

cc @kcreddy