UX: Open button to read zeek logs

[siskojr]

Provide button to read/ingest Zeek logs.

1. We will not ask the user to specify the type of logs when opening log files. We discussed we would use auto-detect logic from zq. Indicate the list of supported log formats.
2. Call out ZNG format as one of the supported ones (no need to use the red color as in the wireframe, but putting it as first in list helps highlighting the best format, ZNG ).
3. Ideally design a folder icon with zeek logo as a visual hint of the most common option.

Wireframe Open button: Showing Open button. The usage of Fin icon and Zeek folder icon will serve as a visual clue for the Wireshark persona and the Zeek persona.

Defaults: User can chose to accept our defaults for naming convention and .brim location. Our defaults today save the Brim folder in the same location of the selected file. If users un-select the defaults checkbox, they can choose:

1. name: the Name of the brim folder, which will still have .brim extension
2. location: the location for the saving of the brim folder.

Drag operations

1. PCAP: we will support dragging a Single PCAP file only. Supporting more is future functionality. Today users can use the mergecap command available from Wireshark installation.
2. LOGS: we will support dragging a single log file, dragging a Folder that contains log files or multiple file selections. In order to process logs we assume they will be in one of our supported formats, using our auto-detection logic.

[siskojr]

Closing feature as we have implemented. We will consider the defaults/preferences parts with more feedback from users to avoid over-engineering.