Change log for SAP_SM20

Date Changes
2025-07-07 - Added support for new pattern of SYSLOG logs.
- `event.idm.read_only_udm.network.session_id`: Newly mapped `session_id` raw log field with `event.idm.read_only_udm.network.session_id` UDM field.
- `event.idm.read_only_udm.target.application`: Newly mapped `application` raw log field with `event.idm.read_only_udm.target.application` UDM field.
- `event.idm.read_only_udm.target.resource.product_object_id`: Newly mapped `resource_id` raw log field with `event.idm.read_only_udm.target.resource.product_object_id` UDM field.
- `event.idm.read_only_udm.principal.hostname`: Newly mapped `hostname` raw log field with `event.idm.read_only_udm.principal.hostname` UDM field.
- `event.idm.read_only_udm.principal.asset.hostname`: Newly mapped `hostname` raw log field with `event.idm.read_only_udm.principal.asset.hostname` UDM field.
- `event.idm.read_only_udm.principal.ip`: Newly mapped `ip` raw log field with `event.idm.read_only_udm.principal.ip` UDM field.
- `event.idm.read_only_udm.principal.asset.ip`: Newly mapped `ip` raw log field with `event.idm.read_only_udm.principal.asset.ip` UDM field.
- `event.idm.read_only_udm.metadata.event_timestamp`: Newly mapped `date` raw log field with `event.idm.read_only_udm.metadata.event_timestamp` UDM field.
2024-04-16 - Mapped "ALGSYSTEM" to "principal.hostname" and "principal.asset.hostname".
2024-01-29 - Added support for newly ingested logs.
- Mapped "WP_PID" to "target.process.pid".
- Mapped "WP_SERVER" to "intermediary.hostname".
- Mapped "WP_STATUS" to "security_result.summary".
- Mapped "INSTANCE_NAME" to "principal.hostname" and "principal.asset.hostname".
- Mapped "TXSEVERITY" to "security_result.severity".
- Mapped "TXSUBCLSID" to "security_result.description".
- Mapped "ALGSYSTEM" to "principal.hostname" and "principal.asset.hostname".
- If "ALGLTERM" is an IP address, then mapped it to "target.ip" and "target.asset.ip", else mapped it to "target.hostname" and "target.asset.hostname".
- Mapped "ALGCLIENT" and "ALGINST" to "target.resource.attribute.labels".
- Mapped "ALGUSER" to "target.user.userid".
- Mapped "ALGTEXT" to "metadata.description".
- If "ALGTEXT" is nearly equals to "logon successful" and "has_principal" and "has_target" is equals to "true" then "metadata.event_type" is set to "USER_LOGIN".
- Mapped "WP_TYP", "ALGREPNA", "ALGAREA", "ALGFILENO", "ALGFILEPOS", "ALGSUBID", "UTCDIFF", "ALGTASKNO", "ALGTASKTYPE", "ALGTCODE" to "additional.fields".
2023-12-07 - Newly created parser.