
[FIX] 50k limit in UnifiedAuditLog. looping by days if limit is reached

Open blade3 opened this issue 2 years ago • 1 comments

Pull Request Template

Description

  • Factorization code for Hawk/internal/functions/Get-AllUnifiedAuditLogEntry.ps1
  • If $Output[-1].ResultCount is equal to or greater than 50k, the command will be split by days.

Fixes #22 (issue)

Type of change

  • [X] Breaking change (fix or feature that would cause existing functionality to not work as expected)

How Has This Been Tested?

  • [X] Uses the Start-HawkUserInvestigation [email protected] which has more than 50 000 Unified Audit Logs.
  • [X] If it's not possible to trigger the first test, you can replace line 119 with a smaller value to trigger try/catch.

Checklist:

  • [ ] My code follows the style guidelines of Hawk
  • [X] I have performed a self-review of my own code
  • [X] I have commented my code, particularly in hard-to-understand areas
  • [ ] I have made corresponding changes to the documentation
  • [X] My changes generate no new warnings
  • [ ] I have added tests that prove my fix is effective or that my feature works
  • [ ] New and existing unit tests pass locally with my changes
  • [X] Any dependent changes have been merged and published in downstream modules
  • [X] I have checked my code and corrected any misspellings

blade3, Oct 03 '23 19:10

Will add to DevBranch and test with other additional changes in development. Thanks for this. :-)

T0pCyber, Oct 03 '23 21:10
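
An added illustration of the fallback the pull request description above outlines (not the code from Get-AllUnifiedAuditLogEntry.ps1 and not Hawk's own): when the last record's ResultCount reaches the limit, the range is queried again one day at a time, and a day that still reaches the limit is flagged rather than silently truncated. The function names, the -Query callback and the constructed stub that stands in for the real audit log search are assumptions; the demo uses a limit of 50 so the split triggers on small data.

```powershell
# Added illustration: all names here are hypothetical, not Hawk's code.
function Get-DayWindow {
    # Split [Start, End) into consecutive windows of at most one day.
    param([datetime]$Start, [datetime]$End)
    for ($s = $Start; $s -lt $End; $s = $e) {
        $e = $s.AddDays(1)
        if ($e -gt $End) { $e = $End }
        [pscustomobject]@{ Start = $s; End = $e }
    }
}

function Get-AuditLogWithDaySplit {
    param(
        [datetime]$Start,
        [datetime]$End,
        [scriptblock]$Query,   # takes (start, end); returns records carrying ResultCount
        [int]$Limit = 50000    # the 50k limit from the PR title
    )
    $Output = @(& $Query $Start $End)
    # Same test as the PR description: inspect ResultCount on the last record.
    if ($Output.Count -eq 0 -or $Output[-1].ResultCount -lt $Limit) {
        return $Output         # the whole range fit under the limit
    }
    Write-Warning "Limit of $Limit reached; querying again one day at a time."
    foreach ($w in Get-DayWindow $Start $End) {
        $day = @(& $Query $w.Start $w.End)
        if ($day.Count -gt 0 -and $day[-1].ResultCount -ge $Limit) {
            # A single day can still exceed the limit: report the gap in evidence.
            Write-Warning "Window starting $($w.Start) still reaches the limit; records are missing."
        }
        $day
    }
}

# Constructed stub: 20 events per day, at most 50 records returned per call.
$FakeQuery = {
    param($s, $e)
    $total = [int](($e - $s).TotalDays * 20)
    $n = [math]::Min($total, 50)
    if ($n -lt 1) { return }   # 1..0 would count down, so stop on empty windows
    1..$n | ForEach-Object { [pscustomobject]@{ ResultIndex = $_; ResultCount = $total } }
}

# 3.5 days hold 70 events: one call is cut off at 50, the per-day pass is not.
$r = Get-AuditLogWithDaySplit -Start '2023-10-01' -End '2023-10-04 12:00' -Query $FakeQuery -Limit 50
"{0} records collected" -f @($r).Count
```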