Suricata

Goal is to provide the user with more insight into the various detection stages, how they are ordered and how rule priorities work.

• document these things in the user documentation
• document these in app parser dev docs for how it works with the "app progress"
• add engine-analysis outputs to show a JSON representation of the way various rules are assigned to the detection stages

Currently this is all mostly implicit, so it will be good to make sure it is explicitly "knowable" w/o looking at code.