Audit security configuration changes

[albertzaharovits]

Add audit event types that describe changes to the security configurations:

• Adding/Deleting/Changing users/roles/role mappings
• TLS certs reloaded
• Realms configuration changes

Related: #29766

[elasticmachine]

Pinging @elastic/es-security

[Jac2NL]

It's astonishing that these capabilities are currently missing!

Quoting the Elastic website: "Audit Logging: Have a Record of Who Did What and When. Perhaps the quiet hero of the security world, our audit log features let you easily maintain a complete record of all system and user activity."

What good is an auditing system which does not record the actual object that is changed? We know "Who" and "When" but not "What".