Change log for ARCSIGHT_CEF
Date | Changes |
---|---|
2024-07-30 | Enhancement: - Mapped "app" to "target.application". - Mapped "flexString2", "PanOSFileHash", and "filePath" to "additional.fields". - Mapped "threat_name" to "security_result.threat_name". - Mapped "threat_id" to "security_result.threat_id". - When "device_event_class_id" is not "THREAT", mapped "cat" to "additional.fields". |
2024-06-18 | Enhancement: - Added handling for logs that previously went unparsed because they failed validation. |
2024-04-03 | Enhancement: - Mapped "principal_ip1" to "principal.ip" and "principal.asset.ip". - Mapped "deviceExternalId" to "about.asset.hardware.serial_number". - When principal data and target data are present, set "metadata.event_type" to "NETWORK_CONNECTION". - When principal data and target resource data are present, set "metadata.event_type" to "USER_RESOURCE_ACCESS". - Otherwise, when only principal data is present, set "metadata.event_type" to "STATUS_UPDATE". |
2024-02-18 | Enhancement: - Added support for parsing "PAN_FIREWALL" logs. - Set "metadata.event_type" to "NETWORK_CONNECTION" when "device_event_class_id" is one of "TRAFFIC", "THREAT", "URL", "WILDFIRE", "DATA", or "TUNNEL". - Mapped "PanOSConfigVersion" to "security_result.detection_fields". - Mapped "deviceOutboundInterface" and "deviceInboundInterface" to "additional.fields". |
2024-02-12 | Enhancement: - Mapped "query" to "additional.fields". - Added a Grok pattern to parse logs whose "query" value is "json_data". |
2023-04-27 | Enhancement: - Mapped "proto" to "network.ip_protocol". |
2022-11-15 | Enhancement: - Mapped "PanOSThreatCategory" to "security_result.category_details". - Mapped "PanOSThreatID" to "security_result.threat_id". - Mapped "PanOSContentVersion" and "PanOSDGHierarchyLevel1" to "security_result.detection_fields". - Mapped "PanOSRuleUUID" to "metadata.product_log_id". - Mapped "PanOSDestinationLocation" to "target.location.country_or_region". |
2022-08-26 | Enhancement: - Migrated the custom parsers into the default parser. |
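The mappings in this change log are easier to reason about (and to regression-test after a parser update) when they are written out as code. The block below is an added example, not the ArcSight_CEF parser itself or any Chronicle code: it parses CEF records (escaped `\|` in header fields, escaped `\=` / `\\` in extension values, pipes left alone in the extension part) and then applies the mappings listed above, in change-log order, to three constructed log lines. The UDM field names are the ones quoted in the table; the choice of CEF keys used to populate principal and target (`src`, `dst`, `dpt`, `request`), the vendor-string check used to recognise a PAN_FIREWALL record, and the `GENERIC_EVENT` fallback are assumptions made for this illustration and are marked as such in the comments.

```python
"""Added example: toy CEF parser plus the UDM mappings from the change log above.
Not the Chronicle/ArcSight parser; key placements marked 'assumption' are not from the page."""
import json
import re

# CEF escapes: "\|" and "\\" in header fields, "\=" and "\\" (plus "\n", "\r") in extension values.
_ESCAPES = {"|": "|", "\\": "\\", "=": "=", "n": "\n", "r": "\r"}
_ESCAPE_RE = re.compile(r"\\([\\|=nr])")
_PIPE_RE = re.compile(r"(?<!\\)\|")                    # pipe not preceded by a backslash
_EXT_KEY_RE = re.compile(r"(?:^|\s)([A-Za-z0-9_.-]+)=")  # bare token followed by an unescaped "="
HEADER_FIELDS = ("device_vendor", "device_product", "device_version",
                 "device_event_class_id", "name", "severity")

PAN_VENDOR = "Palo Alto Networks"   # assumption: how a PAN_FIREWALL record is recognised here
PAN_NETWORK_CLASSES = {"TRAFFIC", "THREAT", "URL", "WILDFIRE", "DATA", "TUNNEL"}  # 2024-02-18 rule

# Constructed sample records for this example; not real device output.
SAMPLE_LOGS = [
    "CEF:0|Palo Alto Networks|PAN-OS|10.2.3|THREAT|vulnerability|5|rt=Jul 30 2024 10:15:00 "
    "src=10.1.2.3 dst=198.51.100.7 dpt=443 proto=tcp app=web-browsing cat=code-execution "
    "PanOSThreatID=91234 PanOSThreatCategory=code-execution PanOSContentVersion=8791-8401 "
    "PanOSRuleUUID=0b2a1b2c-3d4e-5f60-7a8b-9c0d1e2f3a4b PanOSDestinationLocation=United States "
    "deviceInboundInterface=ethernet1/1 deviceOutboundInterface=ethernet1/2 deviceExternalId=001234567890",
    "CEF:0|ExampleVendor|ExampleAgent|1.0|100|Agent heartbeat|1|src=10.9.8.7 cat=status "
    "deviceExternalId=SN-42 msg=agent alive",
    "CEF:0|ExampleVendor|Proxy \\| Gateway|2.1|200|Web request|3|src=10.0.0.5 "
    "request=https://example.com/search?q\\=x query=json_data",
]

def _unescape(s: str) -> str:
    return _ESCAPE_RE.sub(lambda m: _ESCAPES[m.group(1)], s)

def parse_cef(line: str) -> dict:
    """Split one CEF record into {"header": {...}, "ext": {...}}; raises on malformed input."""
    if not line.startswith("CEF:"):
        raise ValueError("not a CEF record")
    # maxsplit=7 keeps unescaped pipes inside the extension part intact (CEF allows them there).
    parts = _PIPE_RE.split(line, maxsplit=7)
    if len(parts) != 8:
        raise ValueError("malformed CEF header: expected 7 pipe-delimited header fields")
    header = {"cef_version": parts[0][len("CEF:"):]}
    header.update(zip(HEADER_FIELDS, (_unescape(p) for p in parts[1:7])))
    raw, ext = parts[7], {}
    keys = list(_EXT_KEY_RE.finditer(raw))
    for i, m in enumerate(keys):   # a value runs from its "=" up to the next unescaped "key="
        end = keys[i + 1].start() if i + 1 < len(keys) else len(raw)
        ext[m.group(1)] = _unescape(raw[m.end():end]).rstrip()
    return {"header": header, "ext": ext}

def to_udm(rec: dict) -> dict:
    """Apply the change-log mappings to a parsed record and return a nested UDM-style dict."""
    hdr, ext = rec["header"], rec["ext"]
    udm = {"metadata": {}, "principal": {}, "target": {}, "network": {}, "about": {},
           "security_result": {"detection_fields": {}}, "additional": {"fields": {}}}
    add, sr = udm["additional"]["fields"], udm["security_result"]
    if "src" in ext:                       # assumption: src feeds principal_ip1 (2024-04-03)
        udm["principal"]["ip"] = ext["src"]
        udm["principal"]["asset"] = {"ip": ext["src"]}
    if "dst" in ext:                       # assumption: dst/dpt/request are the target data
        udm["target"]["ip"] = ext["dst"]
    if "dpt" in ext:
        udm["target"]["port"] = int(ext["dpt"])
    if "request" in ext:
        udm["target"]["url"] = ext["request"]
    if "app" in ext:                       # 2024-07-30
        udm["target"]["application"] = ext["app"]
    if "proto" in ext:                     # 2023-04-27
        udm["network"]["ip_protocol"] = ext["proto"].upper()
    if "deviceExternalId" in ext:          # 2024-04-03
        udm["about"]["asset"] = {"hardware": {"serial_number": ext["deviceExternalId"]}}
    for key, dest in (("PanOSThreatCategory", "category_details"), ("PanOSThreatID", "threat_id"),
                      ("threat_id", "threat_id"), ("threat_name", "threat_name")):  # 2022-11-15, 2024-07-30
        if key in ext:
            sr[dest] = ext[key]
    for key in ("PanOSContentVersion", "PanOSDGHierarchyLevel1", "PanOSConfigVersion"):
        if key in ext:
            sr["detection_fields"][key] = ext[key]
    if "PanOSRuleUUID" in ext:
        udm["metadata"]["product_log_id"] = ext["PanOSRuleUUID"]
    if "PanOSDestinationLocation" in ext:
        udm["target"]["location"] = {"country_or_region": ext["PanOSDestinationLocation"]}
    for key in ("query", "deviceInboundInterface", "deviceOutboundInterface",
                "flexString2", "PanOSFileHash", "filePath"):   # pass-through keys
        if key in ext:
            add[key] = ext[key]
    # "cat" is kept only for non-THREAT classes (2024-07-30); the log does not say what
    # happens to it for THREAT records, so it is left unmapped there.
    if "cat" in ext and hdr["device_event_class_id"] != "THREAT":
        add["cat"] = ext["cat"]
    # Event type, evaluated in the order the change log states the rules.
    has_principal = bool(udm["principal"])
    has_target = any(k in udm["target"] for k in ("ip", "port", "application"))
    has_target_resource = "url" in udm["target"]   # assumption: a URL counts as the target resource
    if hdr["device_vendor"] == PAN_VENDOR and hdr["device_event_class_id"] in PAN_NETWORK_CLASSES:
        udm["metadata"]["event_type"] = "NETWORK_CONNECTION"
    elif has_principal and has_target:
        udm["metadata"]["event_type"] = "NETWORK_CONNECTION"
    elif has_principal and has_target_resource:
        udm["metadata"]["event_type"] = "USER_RESOURCE_ACCESS"
    elif has_principal:
        udm["metadata"]["event_type"] = "STATUS_UPDATE"
    else:
        udm["metadata"]["event_type"] = "GENERIC_EVENT"   # assumed fallback, not from the change log
    return udm

if __name__ == "__main__":
    for line in SAMPLE_LOGS:
        print(json.dumps(to_udm(parse_cef(line)), indent=2))
```

Running the block prints one UDM-style document per sample: the PAN THREAT record lands on `NETWORK_CONNECTION` with `cat` withheld from `additional.fields`, the heartbeat with only a source IP lands on `STATUS_UPDATE`, and the proxy record with a URL but no destination IP lands on `USER_RESOURCE_ACCESS`. Feeding a parser's real output through a table like this is the quickest way to notice when a later change log entry silently moves a field you alert on.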