Change log for ARUBA_SWITCH

Date	Changes
2025-08-21	Enhancement: - Added a Grok pattern to parse new pattern of logs. - event.idm.read_only_udm.principal.ip and event.idm.read_only_udm.principal.asset.ip: Newly mapped `hostname` raw log field with `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip` UDM fields. - event.idm.read_only_udm.additional.fields: Newly mapped `log_id`, `priority` and `facility` raw log fields with `event.idm.read_only_udm.additional.fields` UDM field. - Modified `sys_time` date pattern to support new pattern of timestamp.
2025-05-26	Enhancement: - Added grok patterns to support new pattern of SYSLOG logs. - event.idm.read_only_udm.security_result.action_details: Newly mapped `status` raw log field with `event.idm.read_only_udm.security_result.action_details` UDM field. - Changed `event_type` from `NETWORK_CONNECTION` to `STATUS_UPDATE` when target machine data is not available. - Added support for new pattern of timestamp. - Added a grok pattern to parse new pattern of description field. - Modified the `if` condition for `user_id` raw_field. - Removed the setting of `has_target` as `true`, if there is no target machine data.
2024-11-14	Enhancement: - Mapped "severity" to "security_result.severity".
2024-10-29	Enhancement: - Modified grok pattern to parse "severity" and "amm" fields.
2024-10-16	Enhancement: - Added support for new format of SYSLOG logs. - Changed mapping of "userid" from "principal.user.userid" to "target.user.userid". - Based on the log description, set "metadata.event_type" as "USER_LOGIN" or "USER_LOGOUT" or "NETWORK_CONNECTION". - Based on the log description, set "security_result.action" as "ALLOW" or "BLOCK".
2024-09-17	Enhancement: - Added support for a new pattern of SYSLOG logs.
2024-04-18	- Newly created parser.