## Summary
Adds e2e tests for the `constant_keyword` regular `keyword` to compare between the two. Bugs found with these is one where we do not copy `constant_keyword` fields into signals which I added `.skip` to the tests now.
Tested these rule types:
* KQL
* EQL
* Threshold
For the mappings of the `constant_keyword` I use both the `constant_keyword` and the field `alias` like so:
```json
{
"properties": {
"@timestamp": {
"type": "date"
},
"data_stream": {
"properties": {
"dataset": {
"type": "constant_keyword",
"value": "dataset_name_1"
},
"module": {
"type": "constant_keyword",
"value": "module_name_1"
}
}
},
"event": {
"properties": {
"category": {
"type": "keyword"
},
"dataset": {
"type": "alias",
"path": "data_stream.dataset"
},
"module": {
"type": "alias",
"path": "data_stream.module"
}
}
}
}
}
```
To ensure we can detect against fields. I also mix them with regular const keyword fields in another index to ensure they work also in mixed use cases.
### Checklist
- [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios
598e63b532