Documentation for `flow.record` format

[janstarke]

I started working on this topic (#64) in https://github.com/janstarke/flow-record, which contains a Rust implementation of the format as well as a documentation.

Is there someone on your side who can review this?

At the moment, the support is partly, but works together with rdump. In the future, I'd like to replace bodyfile in the DFIR Toolkit as well as in ntdsextract2 by the record format, which in my eyes is much more better.

[janstarke]

I already added an implementation in ntdsextract2, which prints a timeline using flow-record. This can be parsed by rdump. Looks nice 😍

I think I implemented most atomic datatypes correctly. I still need to document stringlist, dictlist, dynamic and record