
Adding dynamic information to static rba messages #3951

Merged
patel-bhavin merged 5 commits into splunk:develop from DipsyTipsy:fix/rba_messages_without_fieldref
Mar 13, 2026

Conversation

@DipsyTipsy (Contributor) commented Mar 12, 2026

Details

Some detections are currently without dynamic rba messages; this leaves a bit of unused potential. Adding suggestions for detections in cloud/ and endpoint/.

There are still a few in web/ and network/ without field refs in the messages; however, a few of the ones I looked at were experimental with little data in the resulting events. The ones I'm aware of are:

web/detect_f5_tmui_rce_cve_2020_5902.yml:    message: Potential F5 TMUI RCE traffic
web/detect_malicious_requests_to_exploit_jboss_servers.yml:    message: Potentially malicious traffic exploiting JBoss servers
web/detect_attackers_scanning_for_vulnerable_jboss_servers.yml:    message: Potential Scanning for Vulnerable JBoss Servers
web/monitor_web_traffic_for_brand_abuse.yml:    message: Potential Brand Abus discovered in web logs
network/dns_query_length_outliers___mltk.yml:    message: DNS Query Length Outliers
network/detect_zerologon_via_zeek.yml:    message: Potential Zerologon activity detected
network/protocol_or_port_mismatch.yml:    message: Port or Protocol Traffic Mismatch
network/detect_windows_dns_sigred_via_zeek.yml:    message: Potential SIGRed activity detected
network/detect_unauthorized_assets_by_mac_address.yml:    message: Potentially Unauthorized Device observed
network/prohibited_network_traffic_allowed.yml:    message: Potentially Prohibited Network Traffic allowed
network/detect_windows_dns_sigred_via_splunk_stream.yml:    message: Potential SIGRed activity detected

Checklist

  • Validate name matches <platform>_<mitre att&ck technique>_<short description> nomenclature
  • CI/CD jobs passed ✔️
  • Validated SPL logic.
  • Validated tags, description, and how to implement.
  • Verified references match analytic.
  • Confirm updates to lookups are handled properly.
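The PR description above is about detections whose rba.message is a fixed string rather than one that references event fields with $field$ tokens. The following is an added example, not code from this PR or from the splunk/security_content project, of a small audit that scans detection YAML text for static messages and lists the risk-object fields the message could reference. The three detection files are constructed samples (their names, messages and scores are invented for the example), and the minimal line-based extraction of the rba: block is a deliberate simplification so that the script runs without a YAML library.

```python
import re
from typing import Dict, List, Optional

# A $field$ token, e.g. $dest$ or $user$, as used in ESCU rba messages
FIELD_REF = re.compile(r"\$([A-Za-z_][A-Za-z0-9_.]*)\$")

# Constructed sample detection files (hypothetical, modelled on the ESCU YAML layout)
SAMPLE_DETECTIONS: Dict[str, str] = {
    "endpoint/sample_static_message.yml": """\
name: Sample Static Message
rba:
  message: Suspicious process activity detected
  risk_objects:
  - field: dest
    type: system
    score: 25
  - field: user
    type: user
    score: 25
""",
    "cloud/sample_dynamic_message.yml": """\
name: Sample Dynamic Message
rba:
  message: User $user$ created an access key from $src$
  risk_objects:
  - field: user
    type: user
    score: 40
""",
    "web/sample_quoted_message.yml": """\
name: Sample Quoted Message
rba:
  message: "Potential scanning against $dest$"
  risk_objects:
  - field: dest
    type: system
    score: 10
""",
}


def rba_block(text: str) -> List[str]:
    """Return the indented lines that belong to the top-level ``rba:`` key."""
    block: List[str] = []
    inside = False
    for line in text.splitlines():
        if line.startswith("rba:"):
            inside = True
            continue
        if inside:
            if line and not line[0].isspace():
                break  # reached the next top-level key
            block.append(line)
    return block


def rba_message(text: str) -> Optional[str]:
    """Extract rba.message, stripping a surrounding pair of quotes if present."""
    for line in rba_block(text):
        stripped = line.strip()
        if stripped.startswith("message:"):
            value = stripped[len("message:"):].strip()
            if len(value) >= 2 and value[0] == value[-1] and value[0] in "\"'":
                value = value[1:-1]
            return value
    return None


def risk_object_fields(text: str) -> List[str]:
    """Collect the ``field:`` names listed under rba.risk_objects."""
    fields: List[str] = []
    for line in rba_block(text):
        match = re.match(r"\s*-?\s*field:\s*(\S+)", line)
        if match:
            fields.append(match.group(1))
    return fields


def field_refs(message: str) -> List[str]:
    """Names referenced as $name$ in a message, in order of appearance."""
    return FIELD_REF.findall(message)


def find_static_messages(files: Dict[str, str]) -> Dict[str, List[str]]:
    """Map each file whose message has no $field$ reference to candidate fields.

    The risk-object fields are suggested because they are already part of the
    detection's output and can be referenced in the message without changing the search.
    """
    findings: Dict[str, List[str]] = {}
    for path, text in files.items():
        message = rba_message(text)
        if message is not None and not field_refs(message):
            findings[path] = risk_object_fields(text)
    return findings


if __name__ == "__main__":
    for path, fields in find_static_messages(SAMPLE_DETECTIONS).items():
        print(f"{path}: static message; candidate fields: {', '.join(fields) or 'none'}")
```

Run against a checkout, the same functions can be fed the contents of each detection file instead of the constructed samples; the output then mirrors the grep-style list in the description, with the risk-object fields attached as a starting point for the new message.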

@nasbench (Contributor) left a comment

Overall LGTM. Can you please update the date/versions of the content?

@nasbench nasbench added this to the v5.24.0 milestone Mar 12, 2026
@patel-bhavin patel-bhavin merged commit a0059cf into splunk:develop Mar 13, 2026
5 of 6 checks passed

3 participants