
Remove missing fields in Windows Event Log Cleared detection#4001

Open
AndreiBanaru wants to merge 2 commits into splunk:develop from AndreiBanaru:fix-Windows-Event-Log-Cleared

Conversation

@AndreiBanaru
Contributor

As described in #4000, I believe these fields should be removed since the aggregation will miss results for EventCode=104.

@AndreiBanaru
Contributor Author

Bummer, I see the build failed since Windows Event Log Security 1102 data source expects these fields:

Value error, Data source 'Windows Event Log Security 1102' has output fields ['app', 'name', 'object_attrs', 'src_user', 'subject'] that are not present in the search for detection 'Windows Event Log Cleared'

@AndreiBanaru
Contributor Author

I could do a:

| fillnull app name object_attrs signature src_user subject value=unknown

right before the stats, but in my opinion maybe you guys would want to reconsider updating contentctl to just throw a warning if the output_fields aren't all present in the query.
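As an added example (not code from this PR, from the detection, or from contentctl), the Python below simulates what the thread describes: Splunk's `stats ... by` silently drops any event that has no value for one of the by-fields, so an EventCode=104 event that carries none of `app`, `name`, `object_attrs`, `src_user` or `subject` never reaches the aggregation unless those fields are dropped from the `by` clause or back-filled with `fillnull`. The sample events, the two by-field lists and the simplified warn-style output-field check are constructed assumptions, not Splunk or contentctl internals.

```python
import re
from collections import Counter

# Constructed sample events (not real log data): a Security 1102 event
# populated with the data source's output fields, and a System 104 event
# that only has the fields both log sources share.
SAMPLE_EVENTS = [
    {"EventCode": "1102", "signature": "The audit log was cleared",
     "app": "win:security", "name": "Log was cleared",
     "object_attrs": "Security", "src_user": "Administrator",
     "subject": "Security ID: S-1-5-21-0000", "dest": "host1"},
    {"EventCode": "104", "signature": "The System log file was cleared",
     "dest": "host2"},
]

# Assumed by-field lists: the original clause, and a trimmed one that keeps
# only fields present on both event types.
BY_FIELDS_ORIGINAL = ["app", "name", "object_attrs", "signature",
                      "src_user", "subject", "dest"]
BY_FIELDS_TRIMMED = ["signature", "dest"]


def fillnull(events, fields, value="unknown"):
    """Mimic `| fillnull <fields> value=unknown`: add missing fields."""
    return [{**e, **{f: e.get(f, value) for f in fields}} for e in events]


def aggregate(events, by_fields, fill_missing=False):
    """Return {EventCode: count} for events that survive `stats count by`.

    Splunk drops an event from stats when any by-field is null, so without
    fillnull (or a trimmed by-clause) the 104 event is never counted.
    """
    if fill_missing:
        events = fillnull(events, by_fields)
    survivors = [e for e in events if all(f in e for f in by_fields)]
    return dict(Counter(e["EventCode"] for e in survivors))


def missing_output_fields(search, output_fields):
    """Simplified warn-style check (assumption, not contentctl's code):
    list data-source output fields the SPL text never mentions."""
    tokens = set(re.findall(r"[A-Za-z_][A-Za-z0-9_]*", search))
    return sorted(f for f in output_fields if f not in tokens)


if __name__ == "__main__":
    print(aggregate(SAMPLE_EVENTS, BY_FIELDS_ORIGINAL))              # 104 missing
    print(aggregate(SAMPLE_EVENTS, BY_FIELDS_ORIGINAL, fill_missing=True))
    print(aggregate(SAMPLE_EVENTS, BY_FIELDS_TRIMMED))
```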

@nasbench
Contributor

nasbench commented Apr 9, 2026

Bummer, I see the build failed since Windows Event Log Security 1102 data source expects these fields:

Value error, Data source 'Windows Event Log Security 1102' has output fields ['app', 'name', 'object_attrs', 'src_user', 'subject'] that are not present in the search for detection 'Windows Event Log Cleared'

This is not an issue, we could remove these from the required fields, if they are not filled. I will investigate and apply the changes accordingly.
