Change log for BLOXONE

Date Changes
2024-12-02 Enhancement:
- If "raw.app" is a valid application_protocol value, it is mapped to "network.application_protocol".
2024-06-18 Enhancement:
- Added support to handle CEF logs.
2024-01-18 Enhancement:
- Added a Grok pattern to parse unparsed logs.
- Mapped "network" to "principal.hostname", and "principal.asset.hostname".
- Mapped "device" to "principal.ip", and "principal.asset.ip".
- Mapped "rip" to "target.ip", and "target.asset.ip".
- Mapped "mac_address" to "principal.mac".
- Mapped "country" to "principal.location.name".
- Mapped "os_version" to "principal.platform_version".
- Mapped "app_name" to "principal.application".
- Mapped "user" to "principal.user.user_display_name".
- Mapped "feed_type" to "principal.resource.attribute.labels".
- Mapped "feed_name" to "principal.resource.name", and "principal.resource.resource_subtype".
- Mapped "policy_action" to "security_result.action_details".
- Mapped "endpoint_groups", "user_groups", "dns_view", "dhcp_fingerprint", "policy_name", "tclass", "tproperty", "threat_indicator", "category", and "rcode" to "security_result.detection_fields".
- Mapped "app_category" to "security_result.category_details".
- Mapped "confidence" to "security_result.confidence".
- Mapped "severity" to "security_result.severity".
- Mapped "qname" to "questions.name".
- Mapped "rdata" to "dns.answers".
2023-03-07 Newly created parser.