"policy manager" for Malcolm and Hedgehog Linux (meta-issue)

[mmguero]

This is needs to be broken down into multiple sub-tasks, but we'll keep the high-level ideas here.

Users have requested a way to "manage sensors and rules" from Malcolm. What this has entailed in discussions is:

• Being able to enable/disable/add/remove "rules" for Malcolm. This might include
  • Suricata rules
  • YARA rules
  • Arkime rules
  • Custom Zeek intel files
  • configuration? or anything else listed here?
• There are other "subscriptions" that we can manage today (for example, external suricata rule sources, zeek intel feeds, etc.), do we want to have those lists be part of "policy" as well?
• management of "rule sets" for the above
• API calls to manage the above
• the ability for hedgehog linux sensors to use the rules/rulesets above
• a user interface for said policy (this is way further down the line, last priority after everything else is working)

I'm going to create a "policy" label to assign to issues associated with this one.

[mmguero]

see also #430 which may be related, as well as #221