Watch the ETW kernel logger session

We should supervise the status of the `NT Kernel Logger` ETW session periodically. Some threat actors might sweep and end all running ETW sessions on the machine. If the NT kernel session is terminated, we'll try to start a new one and possibly send an alert indicating that the ETW session was stopped.