Change log for DELL_SWITCH

Date Changes
2024-10-09 Enhancement:
- Added a Grok pattern to parse a new type of logs.
- Mapped "Eventid" to "metadata.product_log_id".
- Mapped "Eventseverity" to "security_result.severity".
- Mapped "Computer" to "principal.hostname" and "principal.asset.hostname".
- Mapped "Program" to "principal.application".
- Mapped "Description" to "security_result.description".
2024-08-20 Enhancement:
- Added support to handle unparsed SYSLOG logs.
2024-04-25 Enhancement:
- Added Grok patterns to parse a new log type.
- Mapped "op" to "metadata.product_event_type".
- Mapped "mac" to "principal.mac".
- Mapped "addr" to "principal.ip".
- Mapped "hostname" to "principal.ip".
- Mapped "server_ip" to "principal.ip".
- Mapped "server_port" to "principal.port".
- Mapped "acct" to "principal.user.userid".
- Mapped "target_ip" to "target.ip".
- Mapped "local_ip" to "target.ip".
- Mapped "local_port" to "target.port".
- Mapped "File" to "target.file.full_path".
- Mapped "target_host" to "target.hostname".
- Mapped "target_user_id" to "target.user.userid".
- Mapped "Server_ID" to "target.resource.product_object_id".
- Mapped "tzknown", "is_synced" and "exe" to "security_result.detection_fields".
- Mapped "res" to "security_result.summary".
- If value of the field "res" is "", then mapped "status" to "security_result.summary".
- Mapped "uid", "enterpriseId", "auid", "terminal", "subj", "grantors", and "ID" to "principal.resource.attribute.labels".
2024-04-04 - Added Grok patterns to parse new log type.
- Mapped "prod_event_type" to "metadata.product_event_type".
- Mapped "ip" to "principal.ip".
- Mapped "dest_ip" to "target.ip".
- Mapped "target_url" to "target.url".
- Mapped "sec_description" to "security_result.description".
- Mapped "action_details" to "security_result.action_details".
2024-01-04 - Added Grok patterns for newly ingested logs.
- Added date block when "datetime" is in "SYSLOGTIMESTAMP" format.
- Mapped "softwareName" to "principal.asset.software.name".
- Mapped "swVersion" to "principal.asset.software.version".
- Mapped "port" to "principal_port".
- Mapped "user" to "principal.user.userid" and set "metadata.event_type" to "USER_UNCATEGORIZED" when "user" is present.
- Mapped "application" to "principal.application".
- Mapped "ip" to "principal.ip".
- Set "sec_result.severity" to "INFORMATIONAL" when "severity" is "IFMGR-5-OSTATE_DN".
- Mapped "msg" to "metadata.description".
2023-11-02 - Newly created parser.