Introduce new c$failed_analyzers field

This field is used internally to trace which analyzers already had a
violation. This is mostly used to prevent duplicate logging.

In the past, c$service_violation was used for a similar purpose -
however it has slightly different semantics. Where c$failed_analyzers
tracks analyzers that were removed due to a violation,
c$service_violation tracks violations - and doesn't care if an analyzer
was actually removed due to it.

testing/btest/Baseline/coverage.record-fields/out.bare

@@ -2,6 +2,7 @@
 [zeek, -b, <...>/record-fields.zeek]
 connection {
   * duration: interval, log=F, optional=F
+  * failed_analyzers: set[string], log=F, optional=T
   * history: string, log=F, optional=F
   * id: record conn_id, log=F, optional=F
       conn_id {

testing/btest/Baseline/coverage.record-fields/out.default

@@ -137,6 +137,7 @@ connection {
   * duration: interval, log=F, optional=F
   * extract_orig: bool, log=F, optional=T
   * extract_resp: bool, log=F, optional=T
+  * failed_analyzers: set[string], log=F, optional=T
   * ftp: record FTP::Info, log=F, optional=T
       FTP::Info {
         * arg: string, log=T, optional=T