Add Filebeat Top-N Flows dashboard (elastic#10180)

This is dashboard for investigating the Top-N network flows. The search pattern is set to
look at `event.action: network_flow` which is what the Filebeat netflow input uses. There
are controls for selecting the flow direction (if provided by the netflow exporter) and the
flow locality (public = at least one side is a public IP, or private = both sides are private IPs).

The domain column in the tables will only be populated if the data is enriched with
source.domain or destination.domain. Like if a reverse or passive DNS enrichment is
performed.