[Filebeat][google_workspace] Support additional applications from reports API

[ynirk]

Describe the enhancement:

Filebeat google_workspace module only supports a subset of applications from Google Reports API.
In order to gain visibility and have more detection capabilities, it would be nice to have the other applications available for ingestion:

• access_transparency
• calendar
• chat
• gcp
• gplus
• groups_enterprise
• jamboard
• meet
• mobile
• rules
• token

Elastic Agent has a similar enhancement issue in elastic/integrations#4722

Describe a specific use case for the enhancement or feature:

As a security analyst we like to have a full visibility on logs in case we need them for investigation. Also we can create new detection based on these new sources.

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)

[ghost]

I would like that highlight that token is closely tied to the existing google_workspace audit sources and has security use cases on par with login type events.

[jamiehynds]

@sf-sharris we recently added some additional sources to our Workspace integration (via Elastic Agent). Additional sources included Access Transparency, Groups Enterprise, Mobile/Device, Oauth/Token and Context Aware Access.

elastic/integrations#4722

[elasticmachine]

Pinging @elastic/security-service-integrations (Team:Security-Service Integrations)