SigmaHQ / sigma-specification

Sigma rule specification

Add `correlation` (or similar) related type #136

Open kelnage opened 2 months ago

kelnage commented 2 months ago

When creating a Sigma rule that is intended to be largely (but not always) used with a correlation rule or could be used with multiple different correlation rules, there does not seem to be a good way of indicating that in the Sigma rule metadata itself.

The `related` field allows us to associate Sigma rules together, but the types available do not seem (to me) to align with the above desired use-case - my suggestion is to introduce a `type: correlation` or `type: recommended_correlation` to the standard to enable it.

A simple example usage might look like the following Sigma rule:

```yaml
title: Detect Failed Logins
id: 20e9c90b-dd09-468c-896e-572a26bf7941
related:
    - id: 9582bf37-ea9a-43cf-aa5f-4145e0868d2e
      type: correlation
detection:
    ...
```

With the associated Sigma correlation rule:

```yaml
title: Detect Multiple Failed Logins (5 Minutes, 10 Attempts)
id: 9582bf37-ea9a-43cf-aa5f-4145e0868d2e
correlation:
    ...
```
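As an added example (not code from the issue or from the SigmaHQ project), the check below shows what a rule loader could do with the proposed `type: correlation` link: for every rule declaring such a relation it verifies that the referenced id is loaded, that it really is a correlation rule (has a `correlation` section), and that the correlation rule's `correlation.rules` list refers back to the base rule by `id` or `name`, so a dangling or one-sided link is reported instead of silently ignored. It assumes the rules have already been parsed into dicts of the shape `yaml.safe_load` produces; the sample rules, ids, and the hypothetical dangling rule are constructed for the example.

```python
"""Cross-check `related: type: correlation` links between Sigma rules and
Sigma correlation rules. Example code; rules are constructed inline in the
dict form that yaml.safe_load() would return for the YAML files."""
from typing import Dict, List

# Base rule from the issue, extended with a minimal logsource/detection.
BASE_RULE = {
    "title": "Detect Failed Logins",
    "id": "20e9c90b-dd09-468c-896e-572a26bf7941",
    "related": [
        {"id": "9582bf37-ea9a-43cf-aa5f-4145e0868d2e", "type": "correlation"},
    ],
    "logsource": {"category": "authentication"},
    "detection": {"selection": {"EventID": 4625}, "condition": "selection"},
}

# Correlation rule from the issue, with an event_count body filled in.
CORRELATION_RULE = {
    "title": "Detect Multiple Failed Logins (5 Minutes, 10 Attempts)",
    "id": "9582bf37-ea9a-43cf-aa5f-4145e0868d2e",
    "correlation": {
        "type": "event_count",
        "rules": ["20e9c90b-dd09-468c-896e-572a26bf7941"],
        "group-by": ["User"],
        "timespan": "5m",
        "condition": {"gte": 10},
    },
}

# Constructed defect: a base rule whose link points at an id nobody loaded.
DANGLING_RULE = {
    "title": "Hypothetical Rule With Dangling Link",
    "id": "11111111-2222-3333-4444-555555555555",
    "related": [
        {"id": "99999999-0000-0000-0000-000000000000", "type": "correlation"},
    ],
    "detection": {"selection": {"EventID": 4625}, "condition": "selection"},
}


def check_correlation_links(rules: List[Dict]) -> List[str]:
    """Return one finding string per broken or one-sided correlation link."""
    by_id = {r["id"]: r for r in rules if "id" in r}
    findings: List[str] = []
    for rule in rules:
        for rel in rule.get("related") or []:
            if rel.get("type") != "correlation":
                continue  # other related types are out of scope here
            target = by_id.get(rel.get("id"))
            if target is None:
                findings.append(
                    f"{rule['id']}: related correlation {rel.get('id')} is not loaded")
                continue
            corr = target.get("correlation")
            if corr is None:
                findings.append(
                    f"{rule['id']}: related {target['id']} is not a correlation rule")
                continue
            # Correlation rules reference their inputs by rule id or rule name.
            refs = corr.get("rules") or []
            if rule["id"] not in refs and rule.get("name") not in refs:
                findings.append(
                    f"{rule['id']}: correlation {target['id']} does not reference it")
    return findings


if __name__ == "__main__":
    for line in check_correlation_links([BASE_RULE, CORRELATION_RULE, DANGLING_RULE]):
        print(line)
```

Running the module prints a single finding for the constructed dangling rule; the two rules from the issue pass because the link is declared on one side and the `correlation.rules` reference closes it on the other.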

nasbench commented 1 month ago

+1 for the `type: correlation`. I think it makes sense and it'll encourage people to look at the related correlation rules.