[Security Solution] Warning flashes when editing rule index patterns

[jkelas]

Follow-up to: #178908

Summary

When editing a rule which has a filter with AND or OR condition, and modifying the "Index patterns", the filter displayed in "Custom query" field flashes a Warning message for a fraction of a second. Please see the recordings.

Steps to reproduce

0. Launch a clean Kibana + ES environment.
1. Create some valid indices with source events. Locally, one easy way to do this would be using the resolver_generator script that generates fake endpoint events (events generated by Endpoint Security aka Elastic Defend): node x-pack/plugins/security_solution/scripts/endpoint/resolver_generator.js --node http://elastic:changeme@127.0.0.1:9200 --kibana http://elastic:changeme@0.0.0.0:5601/kbn --numHosts=5 --numDocs=2.
2. Create a new custom rule. Enter "logs*" and "abc*" as indices.
3. Enter * as the rule's query.
4. Add a rule filter, for example host.name: Host-avy6d0956e AND host.os.family: windows (use any values from your source data).
   Notice that the filter is displayed without any warnings, and the field values in the filter are clearly visible.
5. Save the rule.
6. Click "Edit rule settings" button.
7. In the "Index patterns" field remove the "abc*" pattern or add any other pattern, e.g. "bcd*".
8. Click anywhere else on the page to change the focus. Notice the flash of a Warning message for a fraction of a second in the "Custom query" field.

Expected behavior:

There should be no Warning flashing in the "Custom query" field.

Recordings

394328583-c6b76b3a-29a3-403d-a549-d994a3d1dc24.mov

394328628-17bb2d96-990c-4d11-b690-e134a261b0ff.mov

[elasticmachine]

Pinging @elastic/security-detections-response (Team:Detections and Resp)

[elasticmachine]

Pinging @elastic/security-detection-rule-management (Team:Detection Rule Management)

[elasticmachine]

Pinging @elastic/security-solution (Team: SecuritySolution)