Change log for GUARDICORE_CENTRA

Date Changes
2025-03-28 Enhancement:
- Added Grok patterns to extract KV data from the logs.
- Added "else if" conditional check for "cs1" and "cs1Label".
- event.idm.read_only_udm.additional.fields: Newly mapped `cs1` and `cs1Label` raw log field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.security_result.action_details: Newly mapped `act` raw log field with `event.idm.read_only_udm.security_result.action_details` UDM field.
- event.idm.read_only_udm.principal.ip,event.idm.read_only_udm.principal.asset.ip: Newly mapped `src` raw log field with `event.idm.read_only_udm.principal.ip` and `event.idm.read_only_udm.principal.asset.ip` UDM field.
- event.idm.read_only_udm.target.ip,event.idm.read_only_udm.target.asset.ip: Newly mapped `dst` raw log field with `event.idm.read_only_udm.target.ip` and `event.idm.read_only_udm.target.asset.ip` UDM field.
- event.idm.read_only_udm.target.port: Newly mapped `dpt` raw log field with `event.idm.read_only_udm.target.port` UDM field.
- event.idm.read_only_udm.target.host,event.idm.read_only_udm.target.asset.hostname: Newly mapped `dhost` raw log field with `event.idm.read_only_udm.target.host` and `event.idm.read_only_udm.target.asset.hostname` UDM field.
- event.idm.read_only_udm.network.ip_protocol: Newly mapped `proto` raw log field with `event.idm.read_only_udm.network.ip_protocol` UDM field.
- event.idm.read_only_udm.target.asset.platform_software.platform: Newly mapped `os_type` raw log field with `event.idm.read_only_udm.target.asset.platform_software.platform` UDM field.
- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `cs4` and `cs4Label` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.application: Newly mapped `Aplicacion` raw log field with `event.idm.read_only_udm.target.application` UDM field.
- event.idm.read_only_udm.target.resource.name: Newly mapped `ConexionServ_RedRespaldoicio` raw log field with `event.idm.read_only_udm.target.resource.name` UDM field.
- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `Ambiente` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.resource.resource_subtype: Newly mapped `Servicio` raw log field with `event.idm.read_only_udm.target.resource.resource_subtype` UDM field.
- event.idm.read_only_udm.target.platform_version: Newly mapped `os_name` raw log field with `event.idm.read_only_udm.target.platform_version` UDM field.
- event.idm.read_only_udm.target.process.command_line, event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `dproc` raw log field with `event.idm.read_only_udm.target.process.command_line` UDM field; otherwise, mapped it to `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.url: Newly mapped `cs15Label` raw log field with `event.idm.read_only_udm.target.url` UDM field.
- event.idm.read_only_udm.additional.fields: Newly mapped `cs6Label` and `cs6` raw log field with `event.idm.read_only_udm.additional.fields` UDM field.
- event.idm.read_only_udm.security_result.rule_id: Newly mapped `cs7Label` raw log field with `event.idm.read_only_udm.security_result.rule_id` UDM field.
- event.idm.read_only_udm.security_result.rule_id: Newly mapped `Entorno` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `Gestion` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `cs10` and `cs10Label` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
- event.idm.read_only_udm.target.user.userid: Newly mapped `duser` raw log field with `event.idm.read_only_udm.target.user.userid` UDM field.
- event.idm.read_only_udm.target.resource.attribute.labels: Newly mapped `cs16Label` and `cs16` raw log field with `event.idm.read_only_udm.target.resource.attribute.labels` UDM field.
2024-12-04 Enhancement:
- Mapped start to "metadata.event_timestamp".
2024-11-05 Enhancement:
- Added support for new pattern of CEF logs.
2024-10-09 Enhancement:
- Added support to parse the unparsed logs.
- Changed mapping of "os_name", "enforcement", and "AssetType" from "additional.fields" to "security_result.detection_fields".
2024-08-30 Enhancement:
- Modified the Grok pattern to parse new log types.
- Mapped "source.vm.name" to "principal.hostname".
- Mapped "bucket_id", "policy_verdict", "network_profile", "source_process_hash", and "display_provider" to "security_result.detection_fields".
- Mapped "display_type" to "principal.platform".
2024-04-19 Enhancement:
- Added support for CEF logs.
2023-09-08 - Newly created parser.