Ensure all audit events are using Auditor

Problem to solve

Following the incident on 2025-07-11 where users experienced 500 errors during SAML authentication, we discovered that the root cause was an audit event using the deprecated AuditEventService that didn't include required fields, specifically event_name. This caused failures in the compliance violation scheduler when it attempted to process these events.

As evidenced by the logs, we're seeing thousands of "Audit event without event_name encountered in compliance scheduler" warnings, primarily from SessionsController#create using AuditEvents::UserAuditEvent. Source https://log.gprd.gitlab.net/app/r/s/6boiX

Proposal

Audit and identify all usage of deprecated AuditEventService:

• Search codebase for all instances of AuditEventService usage
• Create a comprehensive list of audit events that need migration
• Prioritize based on criticality of the flow

Migrate to Auditor service:

• Replace AuditEventService calls with the newer Auditor service
• Ensure all required fields are properly set during migration