Change log for BARRACUDA_EMAIL

Date	Changes
2024-05-28	Enhancement- - Mapped "attachments" to "additional.fields".
2024-01-08	Enhancement- - Mapped "recipients.action" to "security_result.action_details". - Mapped "recipients.email" to "network.email.to". - Mapped "recipients.delivery_detail", "recipients.reason", "recipients.taxonomy", "recipients.reason_extra" and "recipient.delivered" to "security_result.detection_fields". - Mapped "dst_domain" to "target.hostname". - Mapped "geoip" to "target.location.country_or_region".
2023-01-19	Bug-Fix- - Modified grok pattern to extract "subject" and mapped to "network.subject".
2022-12-16	Enhancement- - Added grok pattern for new logs. - Mapped "host" to "principal.hostname". - Mapped "product_log_id" to "metadata.product_log_id". - Mapped "network.application_protoco" to "SMTP" where process includes "smtp". - Mapped "sender_email" to "network.email.from". - Mapped "recipient_email" to "network.email.to". - Mapped "network.direction" to "INBOUND" where process includes "inbound". - Mapped "network.direction" to "OUTBOUND" where process includes "outbound". - Mapped "target_ip" to "target.ip". - Mapped "queue_id" to "security_result.detection_fields". - Mapped "security_result.action" to "ALLOW" where "action_code" are "0" or "7" and "service" are "RECV" or "SCAN". - Mapped "security_result.action" to "BLOCK" where "action_code" is "2" and "service" are "RECV" or "SCAN". - Mapped "security_result.action" to "QUARANTINE" where "action_code" is "3" and "service" are "RECV" or "SCAN".
2022-05-19	Enhancement-modified data extraction for email and hdr_from to improve parsing.