add categories to data_stream

[trisch-me]

What does this PR do?

Over the past few months we have been discussed discrepancies between in telemetry due to non sufficient granularity for categorisation. We declare categories on integration level, but every data_stream should have it’s own category for correct telemetry

see more in https://github.com/elastic/security-team/issues/15583

Why is it important?

There have been couple of proposals on how to achieve needed level of granularity. The easiest and clearer way is to put category where it belongs - to its data_stream.
This change is backward compatible because new field is optional. It means we shouldn’t now redefine all the data_streams, but only those with mismatch between integration’s categories and particular data_stream

Checklist

• I have added test packages to test/packages that prove my change is effective.
• I have added an entry in spec/changelog.yml.

Related issues

• Relates https://github.com/elastic/security-team/issues/15583

[elasticmachine]

💚 Build Succeeded

• Buildkite Build
• Commit: 0483d62

[trisch-me]

@jsoriano can I get review for this PR? thanks

[jsoriano]

Commented in the internal issue about some open questions related to the implications of this change, please wait before going on with it. Thanks!