feat[#266]: New Kits - auditd/cloudtrail/guardduty

[bronson-peto-gravwell]

This PR addresses creation of 3 new kits

• Auditd (New Kit: auditd #228)
• AWS CloudTrail (New Kits: AWS Cloudtrail & AWS Guardduty #270)
• AWS GuardDuty (New Kits: AWS Cloudtrail & AWS Guardduty #270)

[kyle-mallett-gravwell]

auditd/aws_cloudtrail/aws_guardduty

1. Please update auditd kitName/ID to match Gravwell format
   io.gravwell.auditd

2. Set MaxVersion to 5.99
   "MaxVersion": { "Major": 5, "Minor": 99, "Point": 0 },

3. Remove ConfigMacros in MANIFEST if no macros present in macros/.
   auditd/MANIFEST
   aws_cloudtrail/MANIFEST

4. Add macro/ back in since searchlibrary/ queries depend on the macro.

https://github.com/gravwell/kits/actions/runs/23268181682/job/67654280571

• not sure if you cancelled this manually, or we need to look into 'build kitctl' process...but it did build and load into my local instance of Gravwell

[kyle-mallett-gravwell]

lgtm; spoke with Bronson about ConfigMacros in MANIFEST, they were built regardless of being in macro/ since they were defined as a ConfigMacro.

[kyle-mallett-gravwell]

@mike-wade-gravwell when you get the chance

[mike-wade-gravwell]

LGTM