fix(filters): adjust auditd event severity handling in linux filter

Author: yllada

filters/linux/linux.yml

@@ -467,13 +467,4 @@ pipeline:
       - cast:
           fields: [statusCode]
           to: int
-          where: 'equals("log.type", "auditd") && exists("statusCode")'
-
-      # Set default severity for auditd events (info level)
-      # Auditd logs don't have syslog priority, so default to info
-      - add:
-          function: string
-          params:
-            key: severity
-            value: "info"
-          where: 'equals("log.type", "auditd") && !exists("severity")'
+          where: 'equals("log.type", "auditd") && exists("statusCode")'