Change log for AIRWATCH

Date Changes
2024-11-15 Enhancement:
- Added Grok patterns for new types of logs.
2024-10-17 Enhancement:
- Added support for new types of logs.
2024-10-07 Enhancement:
- Added support for new type of logs.
2024-09-23 Enhancement:
- Added support to parse unparsed logs.
2024-06-25 Enhancement:
- Fixed the Grok pattern to map "username" to "principal.user.user_display_name".
- Mapped "device_type" to "additional.fields".
- Added the Grok patterns for new type of logs.
2023-09-05 Bug Fix:
- Added a Grok pattern to parse dropped logs.
2023-05-05 Bug Fix-
- Modified Grok pattern to parse dropped logs.
2023-04-26 Bug Fix-
- Added support for different type of syslog formatted logs.
2022-12-27 Bug Fix-
- Added support for different type of Syslog Format logs.
- Added specific conditional checks to handle multiple 'event_name'.
2022-09-02 Enhancement-
- Wrote grok to parse the unparsed ccf format logs.
2022-06-29 Enhancement- Parsed log with event_name as "MergeGroupCompletedEvent"
- mapped "GroupManagementData" to "security_result.description".
- mapped "EventSource", "EventModule" to "event.idm.read_only_udm.additional.fields".
- mapped "cat" to "security_result.category_details".
- modified "event.idm.read_only_udm.metadata.event_type" from "GENERIC_EVENT" to "USER_UNCATEGORIZED" in case either of "principal.user.userid" or "target.user.userid" is present.
2022-06-20 Enhancement- Event Category mapped to _udm.additional.fields(event_category)
Added event type GENERIC_EVENT for SecurityInformation, SecurityInformationConfirmed(event_name) to handle unparse log