Change log for VARONIS

Date Changes
2025-02-06 - Added a new Grok pattern for "LEEF" log type.
- Mapped "description" to "metadata.description".
- Mapped "usrName" to "principal.user.userid".
- Mapped "Event_Type" to "metadata.product_event_type".
- Mapped "domain" to "principal.administrative_domain".
- Mapped "proto", "cat", "Event_Additional_Data", "Event_Status", "Email_Attachment_Name", "Email_Date", "Account_of_Changed_Permissions", "Permissions_Changes", "Permissions_before_Change", and "Permissions_after_Change" to "additional.fields".
- Mapped "Affected_Object_Path" to "target.file.full_path".
- Mapped "Affected_Object" to "security_result.detection_fields".
- Mapped "src" to "principal.ip" and "principal.asset.ip".
- Mapped "Alert_ID" to "security_result.rule_id".
- Mapped "Email_Recipients" to "network.email.to".
- Mapped "Email_Item", "Mailbox_Access_by_Owner", "Threshold_Value", "Threshold_First_Timestamp", "Event_by_MailboxOwner", and "Email_Sender" to "additional.fields".
- Mapped "Email_Sender" to "network.email.from".
- Mapped "accountName" to "target.user.userid".
- Mapped "Device_Name" to "target.hostname" and "target.asset.hostname".
- Mapped "Event_Type_ID" to "metadata.product_log_id".
- Mapped "Event_File_Server_Domain" to "target.administrative_domain".
- Mapped "Alert_Page_URL" to "target.url".
- Mapped "devTime" to "metadata.event_timestamp".
- Mapped "sev" to "security_result.severity".
2022-10-08 - Added grok pattern for "LEEF" log type.
- Mapped "severity" to "security_result.severity".
- Mapped "device_version" to "metadata.product_version".
- Mapped "administrative_domain" to "target.administrative_domain".
- Added conditional check for "intermediary_host".
2022-10-07 Bug-Fix:
- Mapped "rt" to "metadata.event_timestamp" if "rt" is not null.