[SIEM] fix bug that fails to match index patterns with leading wildcard

[stephmilovic]

Summary

Resolves https://github.com/elastic/siem-team/issues/373
Fixes a bug that blew up the server when an index pattern with a leading wildcard was passed.

Checklist

Use strikethroughs to remove checklist items you don't feel are applicable to this PR.

• This was checked for cross-browser compatibility, including a check against IE11
• Any text added follows EUI's writing guidelines, uses sentence case text and includes i18n support
• Documentation was added for features that require explanation or tutorials
• Unit or functional tests were updated or added to match the most common scenarios
• This was checked for keyboard-only and screenreader accessibility

For maintainers

• This was checked for breaking API changes and was labeled appropriately
• This includes a feature addition or change that requires a release note and was labeled appropriately

[elasticmachine]

Pinging @elastic/siem (Team:SIEM)

[spong]

Testing on a Cloud CCS instance containing two clusters: Configuring siem:defaultIndex with *:metricbeat-* instead of monitoring-data:metricbeat-* & house-data:metricbeat-* has the SIEM app loading without error and displaying data from both clusters:

Only monitoring-data:metricbeat-*

Only house-data:metricbeat-*

All clusters (includes additional host):

[elasticmachine]

💚 Build Succeeded

• continuous-integration/kibana-ci/pull-request
• Commit: 7ad821d

[spong]

Checked out and tested against a CCS cloud deployment and all seems 👍

Tested with the following siem:defaultIndex values:

*beat* - only matches local indices ✅
* - only matches local indices ✅
*:*beat* - only matches cross cluster indices ✅

All these behaviors match that of the Kibana Index Pattern UI, which is what we're shooting for parity wise. LGTM! 👍