feat(splunk_hec source): Support custom extractors

[20agbekodo]

This PR is the complete version of this one which implements custom extractors for the SplunkHEC source.

Explanation

From the first PR

• a trait Extractor was created and added as a generic parameter to SplunkSource
• the array of DefaultExtractors used in the EventIterator were grouped under a single DefaultExtractor type implementing Extractor and provided as the default type for the splunk source generic (the original DefaultExtractor type was renamed MetaExtractor)
• this Extractor trait provides a constructor which is called when instantiating the EventIterator, passing a RequestMeta object containing information about the request being processed (splunk token, remote address)
• the splunk source initialization logic was put out of the SplunkConfig into a listen method so that the SplunkSource can be easily initialized in a different context
• some methods declared in the SplunkSource impl which did not depend on the SplunkSource struct (options, required_channel, lenient_json_content_type_check) were moved to plain functions to avoid the need for calling them with SplunkSource::<DefaultExtractor>::options()

Added on top of that

Add type Config: Send + Sync + Clone to the Extractor trait so that
wrapper implementations (e.g. OPW's splunk_hec_opw) can receive
per-source config data (such as a token-to-attribute mapping) at
extractor construction time without relying on global state.

Change Type

• Bug fix
• New feature
• Dependencies
• Non-functional (chore, refactoring, docs)
• Performance

Is this a breaking change?

• Yes
• No

Does this PR include user facing changes?

• Yes. Please add a changelog fragment based on our guidelines.
• No. A maintainer will apply the no-changelog label to this PR.

References

Notes

• Please read our Vector contributor resources.
• Do not hesitate to use @vectordotdev/vector to reach out to us regarding this PR.
• Some CI checks run only after we manually approve them.
  • We recommend adding a pre-push hook, please see this template.
  • Alternatively, we recommend running the following locally before pushing to the remote branch:
    • make fmt
    • make check-clippy (if there are failures it's possible some of them can be fixed with make clippy-fix)
    • make test
• After a review is requested, please avoid force pushes to help us review incrementally.
  • Feel free to push as many commits as you want. They will be squashed into one before merging.
  • For example, you can run git merge origin master and git push.
• If this PR introduces changes Vector dependencies (modifies Cargo.lock), please
  run make build-licenses to regenerate the license inventory and commit the changes (if any). More details on the dd-rust-license-tool.

[pront]

@codex review

[chatgpt-codex-connector]

Codex Review: Didn't find any major issues. Delightful!

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".