auditbeat/module/file_integrity: improve documentation and ensure paths are absolute

[efd6]

What does this PR do?

This clarifies the behaviour of the auditbeat file integrity module in its handling of symlinks and ensures that the current documented behaviour of resolving path to their absolute path where possible is honored.

Why is it important?

The current documentation has been confusing for some users because is does not specify the behaviour wrt the handling of symlinks, and the current documented behaviour is not honored wrt absolute path resolution.

Checklist

• My code follows the style guidelines of this project
• I have commented my code, particularly in hard-to-understand areas
• I have made corresponding changes to the documentation
• I have made corresponding change to the default configuration files
• I have added tests that prove my fix is effective or that my feature works
• I have added an entry in CHANGELOG.next.asciidoc or CHANGELOG-developer.next.asciidoc.

Author's Checklist

• [ ]

How to test this PR locally

Related issues

Use cases

Screenshots

Logs

[elasticmachine]

💚 Build Succeeded

the below badges are clickable and redirect to their specific view in the CI or DOCS

Expand to view the summary

Build stats

• Start Time: 2022-10-24T22:51:57.173+0000

• Duration: 42 min 37 sec

Test stats 🧪

Test	Results
Failed	0
Passed	573
Skipped	81
Total	654

💚 Flaky test report

Tests succeeded.

🤖 GitHub comments

Expand to view the GitHub comments

To re-run your PR in the CI, just comment with:

• /test : Re-trigger the build.

• /package : Generate the packages and run the E2E tests.

• /beats-tester : Run the installation tests with beats-tester.

• run elasticsearch-ci/docs : Re-trigger the docs validation. (use unformatted text in the comment!)

[elasticmachine]

Pinging @elastic/security-external-integrations (Team:Security-External Integrations)