* only create necessary output files in directory output mode
* delete empty detections and empty detection sections
* Merge equal documents
* Merge reduced collections into one YAML document in common case
Some Sigma rule collections contain YAML documents that reduce to almost
nothing because they only contain EventID definitions. Previous behavior
would filter the part with the remaining selection.
Thomas Patzke