cowrie/wardenfiler: Store credentials for both successful and unsuccessful attempts

First implementation, which uses the aggregation ID (AID) "src_ip,dst_ip" to watch all credentials used during the time window.

If the login fails, the credentials are stored under the AID.
The credentials are flushed from the AID cache either when the aggregation window expires, or when the login is successful - the unsuccessful credentials from the cache are then sent with the successful ones appended.