Introduce analyzer-failed.log, as a replacement for dpd.log

Analyzer-failed.log is, essentially, the replacement for dpd.log. The
name should make more sense, as it does now log analyzer failures. For
protocol analyzers specifically, these are failures that lead to the
analyzer being disabled.

scripts/policy/frameworks/analyzer/analyzer-debug-log.zeek

@@ -1,4 +1,4 @@
-##! Logging analyzer confirmations and violations into analyzer-debug.log
+#! Logging analyzer confirmations and violations into analyzer-debug.log
 
 @load base/frameworks/config
 @load base/frameworks/logging
@@ -117,19 +117,6 @@ event zeek_init() &priority=5
 
 	}
 
-function analyzer_kind(atype: AllAnalyzers::Tag): string
-	{
-	if ( is_protocol_analyzer(atype) )
-		return "protocol";
-	else if ( is_packet_analyzer(atype) )
-		return "packet";
-	else if ( is_file_analyzer(atype) )
-		return "file";
-
-	Reporter::warning(fmt("Unknown kind of analyzer %s", atype));
-	return "unknown";
-	}
-
 function populate_from_conn(rec: Info, c: connection)
 	{
 	rec$id = c$id;
@@ -159,7 +146,7 @@ event analyzer_confirmation_info(atype: AllAnalyzers::Tag, info: AnalyzerConfirm
 	local rec = Info(
 		$ts=network_time(),
 		$cause="confirmation",
-		$analyzer_kind=analyzer_kind(atype),
+		$analyzer_kind=Analyzer::kind(atype),
 		$analyzer_name=Analyzer::name(atype),
 	);
 
@@ -180,7 +167,7 @@ event analyzer_violation_info(atype: AllAnalyzers::Tag, info: AnalyzerViolationI
 	local rec = Info(
 		$ts=network_time(),
 		$cause="violation",
-		$analyzer_kind=analyzer_kind(atype),
+		$analyzer_kind=Analyzer::kind(atype),
 		$analyzer_name=Analyzer::name(atype),
 		$failure_reason=info$reason,
 	);
@@ -210,7 +197,7 @@ hook Analyzer::disabling_analyzer(c: connection, atype: AllAnalyzers::Tag, aid:
 	local rec = Info(
 		$ts=network_time(),
 		$cause="disabled",
-		$analyzer_kind=analyzer_kind(atype),
+		$analyzer_kind=Analyzer::kind(atype),
 		$analyzer_name=Analyzer::name(atype),
 	);