New network fields

[MikePaquette]

Added total.packets and total.bytes per discussion in PR #2
Added session_id and virtual_ip per discussion in Issue #37
Total of 4 new fields added.

[ruflin]

I would prefer to have this in multiple PR's so we can get the changes we agree on in quickly. Can you split it up?

Can you add CHANGELOG entries?

[ruflin]

Reading in this field and the next one about connection, I wonder if we should introduce `connection.* as mentioned in an other thread instead of uptting it under network.

[MikePaquette]

Sorry @ruflin I forgot to reply before closing this PR out for splitting. Are you just talking about a name change i.e. s/network/connection? The network.* field set is intended to pick up flow and connection-based fields, and also network events that are not flow/connection related. I think this requires a bit more thought before making a decision.

[ruflin]

I'm actually thinking if we could use a network and a connection prefix. I think a big chunk of the info we have right now in network is in the right place, but there a things like forwarded_ip which probably fit better into connection and also these fields here.

Definitively needs more discussions, just an idea.

[webmat]

Single small request from me.

Not familiar with the discussion around connection yet, but splitting PR in two would make sense to unblock the straightforward changes.

[webmat]

I would phrase both of these more directly, e.g. "The sum of inbound.packets + outbound.packets", same for bytes.

[MikePaquette]

Closing this out to split into two PR's as requested.