Change log for AWS_RDS

Date Changes
2025-07-09 Enhancement:
- `substatementId`: Converted `substatementId` to string before mapping to `event.idm.read_only_udm.additional.fields` UDM field.
- `event.idm.read_only_udm.target.application`: Newly mapped `clientApplication` raw log field with `event.idm.read_only_udm.target.application` UDM field.
- `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip`: Removed mapping of `serverHost` raw log field from `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip` UDM fields in order to introduce more accurate mappings for the raw log field.
- `event.idm.read_only_udm.target.ip` and `event.idm.read_only_udm.target.asset.ip`: Mapped `serverHost` raw log field with `event.idm.read_only_udm.target.ip` and `event.idm.read_only_udm.target.asset.ip` UDM fields.
- `has_target`: Set `has_target` to `true` if `target.ip` and `target.asset.ip` are not empty.
- `event.idm.read_only_udm.additional.fields`: Removed mapping of `commandText` and `command` raw log fields from `event.idm.read_only_udm.additional.fields` UDM field. These changes were made to introduce more accurate mappings for the raw log fields.
- `event.idm.read_only_udm.target.process.command_line`: Mapped `commandText` raw log field with `event.idm.read_only_udm.target.process.command_line` UDM field.
- `event.idm.read_only_udm.target.resource.attribute.labels`: Newly mapped `objectType` and `objectName` raw log fields with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- Added support for new format of logs.
- `event.idm.read_only_udm.additional.fields`: Newly mapped `rowCount` raw log field with `event.idm.read_only_udm.additional.fields` UDM field.
- `event.idm.read_only_udm.security_result.summary`: Newly mapped `errorMessage` raw log field with `event.idm.read_only_udm.security_result.summary` UDM field.
- `event.idm.read_only_udm.security_result.description`: Newly mapped `command` raw log field with `event.idm.read_only_udm.security_result.description` UDM field.
- `event.idm.read_only_udm.additional.fields`: Newly mapped `rawData`, `attemptsMade` and `attemptEndingTimestamp` raw log fields with `event.idm.read_only_udm.additional.fields` UDM field.
- `event.idm.read_only_udm.security_result.summary`: Newly mapped `errorCode` raw log field with `event.idm.read_only_udm.security_result.summary` UDM field.
- `event.idm.read_only_udm.security_result.description`: Newly mapped `errorMessage` raw log field with `event.idm.read_only_udm.security_result.description` UDM field.
- `event.idm.read_only_udm.principal.resource.name`: Newly mapped `lambdaARN` raw log field with `event.idm.read_only_udm.principal.resource.name` UDM field.
- `event.idm.read_only_udm.metadata.event_timestamp`: Newly mapped `arrivalTimestamp` raw log field with `event.idm.read_only_udm.metadata.event_timestamp` UDM field.
- `event.idm.read_only_udm.security_result.detection_fields`: Newly mapped `exitCode` raw log field with `event.idm.read_only_udm.security_result.detection_fields` UDM field.
2025-03-28 Enhancement:
- Added grok patterns in order to parse the logs with new syslog format.
- `event.idm.read_only_udm.metadata.product_event_type`: Newly mapped `prod_event_type` raw log field with `event.idm.read_only_udm.metadata.product_event_type` UDM field.
- `event.idm.read_only_udm.target.resource.name`: Newly mapped `arn` raw log field with `event.idm.read_only_udm.target.resource.name` UDM field.
- `event.idm.read_only_udm.network.ip_protocol`: Newly mapped `PROTOCOL` raw log field with `event.idm.read_only_udm.network.ip_protocol` UDM field.
- `event.idm.read_only_udm.principal.ip`: Newly mapped `address_data.HOST` raw log field with `event.idm.read_only_udm.principal.ip` UDM field.
- `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `address_data.HOST` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field.
- `event.idm.read_only_udm.principal.port`: Newly mapped `PORT` to `event.idm.read_only_udm.principal.port`.
- `event.idm.read_only_udm.target.resource.attribute.labels`: Newly mapped `SID` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- `event.idm.read_only_udm.target.user.userid`: Newly mapped `USER` raw log field with `event.idm.read_only_udm.target.user.userid` UDM field.
- `event.idm.read_only_udm.target.hostname`: Newly mapped `connect_data.HOST` raw log field with `event.idm.read_only_udm.target.hostname` UDM field.
- `event.idm.read_only_udm.target.asset.hostname`: Newly mapped `connect_data.HOST` raw log field with `event.idm.read_only_udm.target.asset.hostname` UDM field.
- `event.idm.read_only_udm.target.resource.name`: Newly mapped `PROGRAM` raw log field with `event.idm.read_only_udm.target.resource.name` UDM field.
- `event.idm.read_only_udm.security_result.action_details`: Newly mapped `action_details` raw log field with `event.idm.read_only_udm.security_result.action_details` UDM field.
2025-03-13 Enhancement:
- Added support for a new syslog log format.
- Added support to parse the new format of "timestamp".
2025-02-20 Enhancement:
- Added support for a new syslog log format.
2025-02-18 Enhancement:
- Mapped "src_port" to "principal.port".
- Mapped "user_name" to "principal.user.user_display_name".
- Mapped "database_name" to "target.resource.name" and set "target.resource.type" to "DATABASE".
- Mapped "description" to "metadata.description".
2025-01-30 Enhancement:
- Added support for new syslog log format.
2024-12-20 Enhancement:
- Added support for new log format.
- Mapped "owner" to "principal.user.userid".
- Mapped "logGroup" to "security_result.about.resource.name".
- Mapped "logStream" to "security_result.about.resource.attribute.labels".
- Mapped "logevent.id" to "metadata.product_log_id".
- Mapped "logevent.message" to "security_result.description".
- Mapped "resource_name" to "target.resource.name".
- Mapped "src_ip" to "principal.ip".
- Mapped "tar_ip" to "target.ip".
- Mapped "tar_host" to "target.hostname".
- Mapped "subscriptionFilters" to "security_result.about.resource.attribute.labels".
2024-10-30 Enhancement:
- Added support for new log format.
- Mapped "type" to "additional.fields".
2024-10-03 Enhancement:
- Added support for new log format.
2023-04-24 - Newly created parser.