Change log for IBM_ZSECURE_ALERT

Date Changes
2025-03-14 Newly created parser.
Supported log format: SYSLOG.
Mapped the following fields:
- `priority` to `security_result.detection_fields`
- `timestamp` to `metadata.event_timestamp`
- `hostname` to `principal.hostname` and `principal.asset.hostname`
- `app_name` to `target.application`
- `parameter` to `target.resource.attribute.labels`
- `class` to `target.resource.attribute.labels`
- `profile` to `target.resource.attribute.labels`
- `uacc` to `target.resource.attribute.labels`
- `parm` to `target.resource.attribute.labels`
- `action` to `security_result.action_details`
- `racf_user` to `target.resource.attribute.labels`
- `racf_name` to `target.resource.attribute.labels`
- `racfcmd` to `target.resource.attribute.labels`
- `dnsname` to `target.resource.attribute.labels`
- `volume` to `target.resource.attribute.labels`
- `poe` to `target.resource.attribute.labels`
- `resource` to `target.resource.attribute.labels`
- `granted` to `additional.fields`
- `allowed` to `additional.fields`
- `intent` to `additional.fields`
- `userid` to `principal.user.userid`
- `name` to `principal.user.user_display_name`
- `jobname` to `additional.fields`
- `system` to `additional.fields`
- `attempts` to `additional.fields`
- `terminal` to `principal.asset.attribute.labels`
- `srcip` to `principal.ip` and `principal.asset.ip`
- `msg` to `security_result.description`
- `mesg` to `security_result.detection_fields`
- `wto_msg` to `security_result.detection_fields`
- `desc` to `security_result.detection_fields`
- `svcno` to `target.resource.attribute.labels`
- `esrno` to `target.resource.attribute.labels`
- `curr_address` to `target.resource.attribute.labels`
- `curr_apf` to `target.resource.attribute.labels`
- `unix_path` to `target.file.full_path`
- Set `event_type` to `USER_RESOURCE_ACCESS` if principal, target and action are present.
- Set `event_type` to `STATUS_UPDATE` if only principal is present.
- Set `event_type` to `GENERIC_EVENT` if none of the above conditions are met.