Contributor

@jorgehermo9 jorgehermo9 commented Oct 21, 2024

At https://github.com/vectordotdev/vrl/blob/5dd835138e94fc45316834ac8391558de6f0b8fe/src/stdlib/parse_auditd.rs#L97 we found that the variants that are not generated by the parser do not make sense for us, so we included a wildcard branch to catch those cases as a workaround. I assume that those variants are useful for Laurel, but as the parser was split off from Laurel, maybe it makes sense to also split those values and move the removed logic of this PR to Laurel and convert from this parser Value to an extended Value in Laurel's internals. This way we don't have to take into account Value variants that are not generated by the parser.

What do you think of this change? It would help us a lot, and this way we can "make illegal states unrepresentable".

Owner

hillu commented Oct 21, 2024

I agree in principle on making illegal states unrepresentable, but I'll need to figure out how to deal with some of those types. This may take a while.
I had been thinking about adding code for combining multiple EXECVE messages to the parser. For this, the Value::Segments type would still make sense.

@jorgehermo9
Contributor Author

Okay, no problem!

I'm not familiar with auditd and I think I can't be of much help there, but I'll do what I can to give you a hand.

@jorgehermo9 jorgehermo9 closed this by deleting the head repository Oct 30, 2024