Change log for CYBEREASON_EDR

Date Changes
2025-01-23 Enhancement:
- Changed "metadata.event_type" from "NETWORK_CONNECTION" to "SCAN_FILE".
- Changed mapping for externalIP from target.ip to principal.ip.
- Mapped security_result.category to "SOFTWARE_MALICIOUS" if type is "knownMalware" and elementType is "File", else if type is "knownMalware" and elementType is not "File" then mapped it to "NETWORK_MALICIOUS".
- Changed mapping for "name" from "principal.process.file.full_path" to "target.file.names".
- Changed mapping for "malwareDataModel" from "principal.process.command_line" to "target.file.full_path".
- Mapped type to security_result.summary.
- Mapped status to security_result.action.
2024-11-29 Enhancement:
- Added support to parse logs when the LogType is "Malware" and "Malop".
2024-01-25 Enhancement:
- Mapped "cs3Label", "cs4Label", "cs5Label", "deviceCustomDate1Label", "deviceCustomDate2Label" and "deviceCustomDate3Label" to "security_result.detection_fields".
- Aligned "principal.hostname", "target.hostname", "principal.asset.hostname", and "target.asset.hostname" mappings.
- Aligned "principal.ip", "target.ip", "principal.asset.ip", and "target.asset.ip" mappings.
2023-02-23 Enhancement
- Mapped "malop_data.elementValues.affectedUsers.elementValues.0.guid" to "principal.user.userid".
- Mapped "malop_data.elementValues.affectedUsers.elementValues.0.name" to "principal.user.user_display_name".
- Mapped "malop_data.elementValues.affectedMachines.elementValues.0.guid" to "principal.asset.asset_id".
- Mapped "malop_data.elementValues.affectedMachines.elementValues.0.name" to "principal.hostname".
- Mapped "malop_data.simpleValues.malopActivityTypes.values.0", "malop_data.isMalicious" to "security_result.detection_fields".
- Mapped "security_result.alert_state" to "ALERTING" if "is_alert" is "true".
2023-02-06 Enhancement
- Parsed logs ingested in CEF format.