S1 - Fixed operator logic to perform "contains" searches

[xC0uNt3r7hr34t]

This is limited to SentinelOne Product. The logic for S1 powerquery queries being built was using the "in" operator which would not perform a full contains match on fields. The code was updated to use the "contains" operator instead which works with the rest of the logic and can still support searching multiple values. After testing all queries work as expected and expected results are now properly returned.

Example:

src.process.name contains ('megasync', 'rclone')
src.process.name in ('megasync', 'rclone')

"in" logic does not match a src.process.name of "rclone.exe", but using contains it now will match this event.

[TreWilkinsRC]

Hey @xC0uNt3r7hr34t ,

Would you be able to update the test_nested_process_search_pq_over_max_char_limit and test_nested_process_search_pq pytests to match the changes made?

'in' -> 'contains'

[xC0uNt3r7hr34t]

@TreWilkinsRC changes applied, should be good to merge.