Support audit ignore policy by request.name

[jguay]

Description

auditing filtering does not currently allow to filter by request.name, example here user wants to filter out request BulkItemRequest to reduce size of audit logs

{
  "type": "audit",
  "timestamp": "2025-01-01T01:23:45,678+0000",
  "node.id": "G7bXq2vL9pZmT4KdYwNr5C",
  "event.type": "transport",
  "event.action": "access_granted",
  "authentication.type": "REALM",
  "user.name": "user_name",
  "user.run_by.name": "user_name",
  "user.realm": "realm_name",
  "user.run_by.realm": "reserved",
  "user.roles": [
    "superuser"
  ],
  "origin.type": "rest",
  "origin.address": "1.2.3.4:12345",
  "request.id": "aP8XzY3kWmVqL7J9oT5Rb",
  "action": "indices:data/write/delete",
  "request.name": "BulkItemRequest",
  "indices": [
    "my-index"
  ],
  "x_forwarded_for": "127.0.0.1"
}

[elasticsearchmachine]

Pinging @elastic/es-security (Team:Security)

[tvernum]

I don't think we want to do this - request.name is a raw Java class name, and could be changed at any time. We try to avoid doing that, but I don't think we want to support filtering by request name.

We would expect admins to filter by action instead. Is there a reason we can't do that here?