@cwperks cwperks commented Sep 22, 2025

Description

Companion core PR: opensearch-project/OpenSearch#19343

This PR moves all Sigma rules (YAML files) from classpath resources to the config directory. These YAML files do not need to be bundled in the SAP jar itself; they just need to be readable at runtime. Files within a plugin's config folder are readable at runtime.

Check List

  • New functionality includes testing.
  • New functionality has been documented.
  • API changes companion pull request created.
  • Commits are signed per the DCO using --signoff.
  • Public documentation issue/PR created.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@cwperks cwperks merged commit 95dd123 into opensearch-project:main Sep 25, 2025
29 of 41 checks passed
@opensearch-trigger-bot

The backport to 2.19 failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security-analytics/backport-2.19 2.19
# Navigate to the new working tree
pushd ../.worktrees/security-analytics/backport-2.19
# Create a new branch
git switch --create backport-1580-to-2.19
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 95dd12316a7e5c93bf1498a6c4960668342c3bed
# Push it to GitHub
git push --set-upstream origin backport-1580-to-2.19
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security-analytics/backport-2.19

Then, create a pull request where the base branch is 2.19 and the compare/head branch is backport-1580-to-2.19.

riysaxen-amzn pushed a commit that referenced this pull request Oct 10, 2025
…es (#1580) (#1584)

* Move rules to config directory from classpath resources (#1580)

* Remove direct reference to Job-Scheduler Lock Index in SAP repo

Signed-off-by: Craig Perkins <[email protected]>

* Exclude error_prone_annotations from locally checked in shadow jar for commons

Signed-off-by: Craig Perkins <[email protected]>

* Include apache httpcomponents

Signed-off-by: Craig Perkins <[email protected]>

* Move rules to config directory from classpath resources

Signed-off-by: Craig Perkins <[email protected]>

* Fix tests

Signed-off-by: Craig Perkins <[email protected]>

* Read from path directly

Signed-off-by: Craig Perkins <[email protected]>

* Fix prepackaged rules test

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>
(cherry picked from commit 95dd123)

* Change to 2.19.4

Signed-off-by: Craig Perkins <[email protected]>

---------

Signed-off-by: Craig Perkins <[email protected]>