Implement coi monitor audit subcommand

## Summary

The `coi monitor audit` subcommand is referenced in documentation but is not implemented. The code in `internal/cli/monitor.go` has the command commented out with a `TODO: Implement or remove` note (lines 148-162).

Currently, users must manually read JSONL audit log files:
```bash
cat ~/.coi/audit/<container-name>.jsonl
cat ~/.coi/audit/<container-name>.jsonl | grep '"level":"high"'
```

## Proposed Feature

Implement `coi monitor audit` as a proper subcommand with:

- **Container filtering**: `coi monitor audit <container-name>` or `coi monitor audit --container <name>`
- **Severity filtering**: `--level critical,high` to filter by threat level
- **Export**: `--export report.json` to export filtered events to a file
- **Formatted output**: Human-readable table format by default, `--json` for raw output
- **Time filtering**: `--since 1h` or `--since 2026-03-01` to limit time range

## Context

- The function `monitorAuditCommand` exists but is unused (`//nolint:unused`)
- Audit logs are stored at `~/.coi/audit/<container-name>.jsonl` and `~/.coi/audit/<container-name>-nft.jsonl`
- README and wiki have been updated to use `cat` commands as a workaround until this is implemented

## References

- `internal/cli/monitor.go:148-196` - commented out command and basic implementation

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Implement coi monitor audit subcommand #185

Summary

Proposed Feature

Context

References

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Implement coi monitor audit subcommand #185

Description

Summary

Proposed Feature

Context

References

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions